Virtualisation security risk assessment for enterprise cloud services based on stochastic game nets model

Virtualisation security risk assessment for enterprise cloud services based on stochastic game nets model

For access to this article, please select a purchase option:

Buy article PDF
(plus tax if applicable)
Buy Knowledge Pack
10 articles for £75.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Your details
Why are you recommending this title?
Select reason:
IET Information Security — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

Resource virtualisation is a prominent characteristic of cloud services, and it determines the resource utilisation efficiency and service quality. However, the virtualisation security issues also have a significant impact on the safety of cloud services. The security of virtualisation in cloud services is so complicated that current security risk assessment methods generally have some limitations when applying in cloud services. In this work, a security risk assessment model has been proposed for cloud services as a solution of this problem using stochastic game nets. Based on graphical tools, the virtualisation security risk scenario of cloud services can be described clearly, and virtualisation security risk factors can be evaluated accurately. The analysis results proved this method had powerful ability to simulate complicated and dynamic security issues in cloud services. Furthermore, our achievements can be used to help the cloud provider or tenant of the cloud service system taking corresponding measures to mitigate the risk.


    1. 1)
      • 1. Mell, P., Grance, T.: ‘The NIST definition of cloud computing: Recommendations of the National Institute of Standards and Technology’. Available at
    2. 2)
      • 2. Dawoud, W., Takouna, L., Meinel, C.: ‘Infrastructure as a service security: challenges and solutions’. Informatics and Systems (INFOS). 2010 The 7th Int. Conf. on. Informatics and Systems (lNFOS), 2010, 2010, pp. 18.
    3. 3)
      • 3. Wang, Z., Jiang, X.: ‘HyperSafe: a lightweight approach to provide lifetime hypervisor control-flow integrity’. Security and Privacy (SP), 2010 IEEE Symp. Security and Privacy (SP), 2010 IEEE Symp. on, 2010, pp. 380395.
    4. 4)
      • 4. Jasti, A., Shah, P., Nagaraj, R., et al: ‘Security in multi-tenancy cloud’. In Security technology (ICCST). 2010 IEEE Int. Carnahan Conf. Security Technology (lCCST), 2010, pp. 3541.
    5. 5)
      • 5. Duan, Q., Yan, Y., Vasilakos, A.V.: ‘A survey on service-oriented network virtualization toward convergence of networking and cloud computing’, IEEE Trans. Netw. Service Manage, 2012, 9, (4), pp. 373392.
    6. 6)
      • 6. Guan, B., Wu, J., Wang, Y., et al: ‘CIVSched: a communication-aware inter-VM scheduling technique for decreased network latency between collocated VMs’, IEEE Trans. Cloud Comput, 2014, 2, (3), pp. 320332.
    7. 7)
      • 7. Latif, R., Abbas, H., Assar, S., et al: ‘Cloud computing risk assessment: a systematic literature review’. Future Information Technology, Springer, Berlin, Heidelberg, 2014, pp. 285295.
    8. 8)
      • 8. Chen, W.-Z., Zhu, H.-W., Wei, H.: ‘SeVMM: VMM-based security control model’. Int. Conf. Cyberworlds, 2008.
    9. 9)
      • 9. Zhang, Q., Wu, Y., Cui, D., et al: ‘Research on the security of storage virtualization based on trusted computing’. Int. Conf. Networking and Digital Society, 2010.
    10. 10)
      • 10. Popek, G.J., Goldberg, R.P.: ‘Formal requirements for virtualizable third generation architectures’, Commun. ACM, 1974, 17, (7), pp. 412421.
    11. 11)
      • 11. Luo, S., Lin, Z., Chen, X.: ‘Virtualization security for cloud computing service’. Cloud and Service Computing (CSC), 2011 Int. Conf. Cloud and Service Computing (CSC), 2011, pp. 174179.
    12. 12)
      • 12. Kong, J.: ‘Protecting the confidentiality of virtual machines against untrusted host’. 2010 Int. Symp. Intelligence Information Processing and Trusted Computing (IPTC), 2010, pp. 364368.
    13. 13)
      • 13. Peiyu, L., Dong, L.: ‘The new risk assessment model for information system in cloud computing environment’, Proc. Eng., 2011, 15, pp. 32003204.
    14. 14)
      • 14. Fitó, J.O., Guitart, J.: ‘Business-driven management of infrastructure-level risks in Cloud providers’, Futur. Gener. Comput. Syst., 2014, 32, pp. 4153.
    15. 15)
      • 15. Furuncu, E., Sogukpinar, I.: ‘Scalable risk assessment method for cloud computing using game theory (CCRAM)’, Comput. Stand. Interfaces, 2015, 38, pp. 4450.
    16. 16)
      • 16. Wang, Y., Lin, C., Ungsunan, P.D.: ‘Modeling and survivability analysis of service composition using stochastic petri nets’, J. Super Comput., 2011, 56, (1), pp. 79105.
    17. 17)
      • 17. Arif, M., Shakeel, H.: ‘Virtualization security: analysis and open challenges’, Int. J. Hybrid Inf. Technol., 2015, 8, (2), pp. 237246.
    18. 18)
      • 18. Lin, C., Wang, Y., Wang, Y.: ‘A stochastic game nets based approach for network security analysis’. PETRI NETS, 2008, pp. 2133.
    19. 19)
      • 19. Wang, Y., Yu, M., Li, J., et al: ‘Stochastic game net and applications in security analysis for enterprise network [J]’, Int. J. Inf. Security, 2012, 11, (1), pp. 4152.
    20. 20)
      • 20. Lv, J.J., Zhao, C.: ‘Security analysis of online digital goods business based on stochastic game net model’, Security Commun. Netw., 2016, 9, pp. 587598.
    21. 21)
      • 21. Dhople, S.V., DeVille, L., Domínguez-García, A.D.: ‘A stochastic hybrid systems framework for analysis of Markov reward models [J]’, Reliab. Eng. Syst. Saf., 2014, 123, pp. 158170.
    22. 22)
      • 22. Wang, Y., Li, J., Meng, K., et al: ‘Modeling and security analysis of network using attack-defence stochastic game net’, Security Commun. Netw., 2013, 6, (1), pp. 8999.
    23. 23)
      • 23. Yu, M., Wang, Y., Liu, L., et al: ‘Modeling and analysis of email worm propagation based on stochastic game nets’. PDCAT 2011, 2011, vol. 8.
    24. 24)
      • 24. Wang, Y., Lin, C., Meng, K.: ‘Security analysis for online banking system using hierarchical stochastic game nets model’. IEEE Global Communications Conf., 2009.
    25. 25)
      • 25. Wang, Y., Lin, C., Wang, Y., et al: ‘Security analysis of enterprise network based on stochastic game nets model’. ICC'09 Communication and Information Systems Security Symp., 2009.

Related content

This is a required field
Please enter a valid email address