loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Nazila Gol Mohammadi 1 ; Ludger Goeke 1 ; Maritta Heisel 1 and Mike Surridge 2

Affiliations: 1 Working Group Software Engineering, University of Duisburg-Essen, Oststr. 99, Duisburg, Germany ; 2 IT Innovation, Southampton, U.K.

Keyword(s): Context Analysis, Risk Assessment, Threat and Control Identification, Cloud Computing Systems.

Abstract: Data protection and a proper risk assessment are success factors for providing high-quality cloud computing systems. Currently, the identification of the relevant context and possible threats and controls requires high expertise in the security engineering domain. However, consideration of experts’ opinions during the development life-cycle often lacks a systematic approach. This may result in overlooking of relevant assets or missing relevant domain knowledge, etc. Our aim is to bring context analysis and risk assessment together in a systematic way. In this paper, we propose a systematic, tool-assisted, and model-based methodology to scope the context and risk assessment for a specific cloud system. Our methodology consists of two parts: First, we enhance the initial context analysis necessary for defining the scope for risk assessment, and second we identify relevant threats and controls during design- and deployment-time. Using the context model, and design-time system model, we further refine the gathered information into a deployment model. All steps of our methodology are tool supported and in a semi-automatic manner. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.238.251.21

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Mohammadi, N.; Goeke, L.; Heisel, M. and Surridge, M. (2020). Systematic Risk Assessment of Cloud Computing Systems using a Combined Model-based Approach. In Proceedings of the 22nd International Conference on Enterprise Information Systems - Volume 2: ICEIS; ISBN 978-989-758-423-7; ISSN 2184-4992, SciTePress, pages 53-66. DOI: 10.5220/0009342700530066

@conference{iceis20,
author={Nazila Gol Mohammadi. and Ludger Goeke. and Maritta Heisel. and Mike Surridge.},
title={Systematic Risk Assessment of Cloud Computing Systems using a Combined Model-based Approach},
booktitle={Proceedings of the 22nd International Conference on Enterprise Information Systems - Volume 2: ICEIS},
year={2020},
pages={53-66},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009342700530066},
isbn={978-989-758-423-7},
issn={2184-4992},
}

TY - CONF

JO - Proceedings of the 22nd International Conference on Enterprise Information Systems - Volume 2: ICEIS
TI - Systematic Risk Assessment of Cloud Computing Systems using a Combined Model-based Approach
SN - 978-989-758-423-7
IS - 2184-4992
AU - Mohammadi, N.
AU - Goeke, L.
AU - Heisel, M.
AU - Surridge, M.
PY - 2020
SP - 53
EP - 66
DO - 10.5220/0009342700530066
PB - SciTePress