http://iet.metastore.ingenta.com
1887

Virtualisation security risk assessment for enterprise cloud services based on stochastic game nets model

Virtualisation security risk assessment for enterprise cloud services based on stochastic game nets model

For access to this article, please select a purchase option:

Buy article PDF
£12.50
(plus tax if applicable)
Buy Knowledge Pack
10 articles for £75.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend to library

You must fill out fields marked with: *

Librarian details
Name:*
Email:*
Your details
Name:*
Email:*
Department:*
Why are you recommending this title?
Select reason:
 
 
 
 
 
IET Information Security — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

Resource virtualisation is a prominent characteristic of cloud services, and it determines the resource utilisation efficiency and service quality. However, the virtualisation security issues also have a significant impact on the safety of cloud services. The security of virtualisation in cloud services is so complicated that current security risk assessment methods generally have some limitations when applying in cloud services. In this work, a security risk assessment model has been proposed for cloud services as a solution of this problem using stochastic game nets. Based on graphical tools, the virtualisation security risk scenario of cloud services can be described clearly, and virtualisation security risk factors can be evaluated accurately. The analysis results proved this method had powerful ability to simulate complicated and dynamic security issues in cloud services. Furthermore, our achievements can be used to help the cloud provider or tenant of the cloud service system taking corresponding measures to mitigate the risk.

References

    1. 1)
      • P. Mell , T. Grance .
        1. Mell, P., Grance, T.: ‘The NIST definition of cloud computing: Recommendations of the National Institute of Standards and Technology’. Available at http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf.
        .
    2. 2)
      • W. Dawoud , L. Takouna , C. Meinel .
        2. Dawoud, W., Takouna, L., Meinel, C.: ‘Infrastructure as a service security: challenges and solutions’. Informatics and Systems (INFOS). 2010 The 7th Int. Conf. on. Informatics and Systems (lNFOS), 2010, 2010, pp. 18.
        . Informatics and Systems (INFOS). 2010 The 7th Int. Conf. on. Informatics and Systems (lNFOS), 2010 , 1 - 8
    3. 3)
      • Z. Wang , X. Jiang .
        3. Wang, Z., Jiang, X.: ‘HyperSafe: a lightweight approach to provide lifetime hypervisor control-flow integrity’. Security and Privacy (SP), 2010 IEEE Symp. Security and Privacy (SP), 2010 IEEE Symp. on, 2010, pp. 380395.
        . Security and Privacy (SP), 2010 IEEE Symp. Security and Privacy (SP), 2010 IEEE Symp. on , 380 - 395
    4. 4)
      • A. Jasti , P. Shah , R. Nagaraj .
        4. Jasti, A., Shah, P., Nagaraj, R., et al: ‘Security in multi-tenancy cloud’. In Security technology (ICCST). 2010 IEEE Int. Carnahan Conf. Security Technology (lCCST), 2010, pp. 3541.
        . In Security technology (ICCST). 2010 IEEE Int. Carnahan Conf. Security Technology (lCCST) , 35 - 41
    5. 5)
      • Q. Duan , Y. Yan , A.V. Vasilakos .
        5. Duan, Q., Yan, Y., Vasilakos, A.V.: ‘A survey on service-oriented network virtualization toward convergence of networking and cloud computing’, IEEE Trans. Netw. Service Manage, 2012, 9, (4), pp. 373392.
        . IEEE Trans. Netw. Service Manage , 4 , 373 - 392
    6. 6)
      • B. Guan , J. Wu , Y. Wang .
        6. Guan, B., Wu, J., Wang, Y., et al: ‘CIVSched: a communication-aware inter-VM scheduling technique for decreased network latency between collocated VMs’, IEEE Trans. Cloud Comput, 2014, 2, (3), pp. 320332.
        . IEEE Trans. Cloud Comput , 3 , 320 - 332
    7. 7)
      • R. Latif , H. Abbas , S. Assar .
        7. Latif, R., Abbas, H., Assar, S., et al: ‘Cloud computing risk assessment: a systematic literature review’. Future Information Technology, Springer, Berlin, Heidelberg, 2014, pp. 285295.
        . Future Information Technology , 285 - 295
    8. 8)
      • W.-Z. Chen , H.-W. Zhu , H. Wei .
        8. Chen, W.-Z., Zhu, H.-W., Wei, H.: ‘SeVMM: VMM-based security control model’. Int. Conf. Cyberworlds, 2008.
        . Int. Conf. Cyberworlds
    9. 9)
      • Q. Zhang , Y. Wu , D. Cui .
        9. Zhang, Q., Wu, Y., Cui, D., et al: ‘Research on the security of storage virtualization based on trusted computing’. Int. Conf. Networking and Digital Society, 2010.
        . Int. Conf. Networking and Digital Society
    10. 10)
      • G.J. Popek , R.P. Goldberg .
        10. Popek, G.J., Goldberg, R.P.: ‘Formal requirements for virtualizable third generation architectures’, Commun. ACM, 1974, 17, (7), pp. 412421.
        . Commun. ACM , 7 , 412 - 421
    11. 11)
      • S. Luo , Z. Lin , X. Chen .
        11. Luo, S., Lin, Z., Chen, X.: ‘Virtualization security for cloud computing service’. Cloud and Service Computing (CSC), 2011 Int. Conf. Cloud and Service Computing (CSC), 2011, pp. 174179.
        . Cloud and Service Computing (CSC), 2011 Int. Conf. Cloud and Service Computing (CSC) , 174 - 179
    12. 12)
      • J. Kong .
        12. Kong, J.: ‘Protecting the confidentiality of virtual machines against untrusted host’. 2010 Int. Symp. Intelligence Information Processing and Trusted Computing (IPTC), 2010, pp. 364368.
        . 2010 Int. Symp. Intelligence Information Processing and Trusted Computing (IPTC) , 364 - 368
    13. 13)
      • L. Peiyu , L. Dong .
        13. Peiyu, L., Dong, L.: ‘The new risk assessment model for information system in cloud computing environment’, Proc. Eng., 2011, 15, pp. 32003204.
        . Proc. Eng. , 3200 - 3204
    14. 14)
      • J.O. Fitó , J. Guitart .
        14. Fitó, J.O., Guitart, J.: ‘Business-driven management of infrastructure-level risks in Cloud providers’, Futur. Gener. Comput. Syst., 2014, 32, pp. 4153.
        . Futur. Gener. Comput. Syst. , 41 - 53
    15. 15)
      • E. Furuncu , I. Sogukpinar .
        15. Furuncu, E., Sogukpinar, I.: ‘Scalable risk assessment method for cloud computing using game theory (CCRAM)’, Comput. Stand. Interfaces, 2015, 38, pp. 4450.
        . Comput. Stand. Interfaces , 44 - 50
    16. 16)
      • Y. Wang , C. Lin , P.D. Ungsunan .
        16. Wang, Y., Lin, C., Ungsunan, P.D.: ‘Modeling and survivability analysis of service composition using stochastic petri nets’, J. Super Comput., 2011, 56, (1), pp. 79105.
        . J. Super Comput. , 1 , 79 - 105
    17. 17)
      • M. Arif , H. Shakeel .
        17. Arif, M., Shakeel, H.: ‘Virtualization security: analysis and open challenges’, Int. J. Hybrid Inf. Technol., 2015, 8, (2), pp. 237246.
        . Int. J. Hybrid Inf. Technol. , 2 , 237 - 246
    18. 18)
      • C. Lin , Y. Wang , Y. Wang .
        18. Lin, C., Wang, Y., Wang, Y.: ‘A stochastic game nets based approach for network security analysis’. PETRI NETS, 2008, pp. 2133.
        . PETRI NETS , 21 - 33
    19. 19)
      • Y. Wang , M. Yu , J. Li .
        19. Wang, Y., Yu, M., Li, J., et al: ‘Stochastic game net and applications in security analysis for enterprise network [J]’, Int. J. Inf. Security, 2012, 11, (1), pp. 4152.
        . Int. J. Inf. Security , 1 , 41 - 52
    20. 20)
      • J.J. Lv , C. Zhao .
        20. Lv, J.J., Zhao, C.: ‘Security analysis of online digital goods business based on stochastic game net model’, Security Commun. Netw., 2016, 9, pp. 587598.
        . Security Commun. Netw. , 587 - 598
    21. 21)
      • S.V. Dhople , L. DeVille , A.D. Domínguez-García .
        21. Dhople, S.V., DeVille, L., Domínguez-García, A.D.: ‘A stochastic hybrid systems framework for analysis of Markov reward models [J]’, Reliab. Eng. Syst. Saf., 2014, 123, pp. 158170.
        . Reliab. Eng. Syst. Saf. , 158 - 170
    22. 22)
      • Y. Wang , J. Li , K. Meng .
        22. Wang, Y., Li, J., Meng, K., et al: ‘Modeling and security analysis of network using attack-defence stochastic game net’, Security Commun. Netw., 2013, 6, (1), pp. 8999.
        . Security Commun. Netw. , 1 , 89 - 99
    23. 23)
      • M. Yu , Y. Wang , L. Liu .
        23. Yu, M., Wang, Y., Liu, L., et al: ‘Modeling and analysis of email worm propagation based on stochastic game nets’. PDCAT 2011, 2011, vol. 8.
        . PDCAT 2011
    24. 24)
      • Y. Wang , C. Lin , K. Meng .
        24. Wang, Y., Lin, C., Meng, K.: ‘Security analysis for online banking system using hierarchical stochastic game nets model’. IEEE Global Communications Conf., 2009.
        . IEEE Global Communications Conf.
    25. 25)
      • Y. Wang , C. Lin , Y. Wang .
        25. Wang, Y., Lin, C., Wang, Y., et al: ‘Security analysis of enterprise network based on stochastic game nets model’. ICC'09 Communication and Information Systems Security Symp., 2009.
        . ICC'09 Communication and Information Systems Security Symp.
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2017.0038
Loading

Related content

content/journals/10.1049/iet-ifs.2017.0038
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading
This is a required field
Please enter a valid email address