Your browser does not support JavaScript!
http://iet.metastore.ingenta.com
1887

access icon free Virtualisation security risk assessment for enterprise cloud services based on stochastic game nets model

© The Institution of Engineering and Technology
Received 15/02/2017, Accepted 04/07/2017, Revised 17/05/2017, Published 06/07/2017

Resource virtualisation is a prominent characteristic of cloud services, and it determines the resource utilisation efficiency and service quality. However, the virtualisation security issues also have a significant impact on the safety of cloud services. The security of virtualisation in cloud services is so complicated that current security risk assessment methods generally have some limitations when applying in cloud services. In this work, a security risk assessment model has been proposed for cloud services as a solution of this problem using stochastic game nets. Based on graphical tools, the virtualisation security risk scenario of cloud services can be described clearly, and virtualisation security risk factors can be evaluated accurately. The analysis results proved this method had powerful ability to simulate complicated and dynamic security issues in cloud services. Furthermore, our achievements can be used to help the cloud provider or tenant of the cloud service system taking corresponding measures to mitigate the risk.

Inspec keywords: virtualisation; resource allocation; stochastic games; risk management; cloud computing; security of data

Other keywords: resource virtualisation; enterprise cloud services; stochastic game nets model; resource utilisation efficiency; virtualisation security risk assessment; service quality

Subjects: Internet software; Game theory; Computing security management; Data security

References

    1. 1)
      • 12. Kong, J.: ‘Protecting the confidentiality of virtual machines against untrusted host’. 2010 Int. Symp. Intelligence Information Processing and Trusted Computing (IPTC), 2010, pp. 364368.
    2. 2)
      • 25. Wang, Y., Lin, C., Wang, Y., et al: ‘Security analysis of enterprise network based on stochastic game nets model’. ICC'09 Communication and Information Systems Security Symp., 2009.
    3. 3)
      • 1. Mell, P., Grance, T.: ‘The NIST definition of cloud computing: Recommendations of the National Institute of Standards and Technology’. Available at http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf.
    4. 4)
      • 10. Popek, G.J., Goldberg, R.P.: ‘Formal requirements for virtualizable third generation architectures’, Commun. ACM, 1974, 17, (7), pp. 412421.
    5. 5)
      • 5. Duan, Q., Yan, Y., Vasilakos, A.V.: ‘A survey on service-oriented network virtualization toward convergence of networking and cloud computing’, IEEE Trans. Netw. Service Manage, 2012, 9, (4), pp. 373392.
    6. 6)
      • 8. Chen, W.-Z., Zhu, H.-W., Wei, H.: ‘SeVMM: VMM-based security control model’. Int. Conf. Cyberworlds, 2008.
    7. 7)
      • 13. Peiyu, L., Dong, L.: ‘The new risk assessment model for information system in cloud computing environment’, Proc. Eng., 2011, 15, pp. 32003204.
    8. 8)
      • 18. Lin, C., Wang, Y., Wang, Y.: ‘A stochastic game nets based approach for network security analysis’. PETRI NETS, 2008, pp. 2133.
    9. 9)
      • 2. Dawoud, W., Takouna, L., Meinel, C.: ‘Infrastructure as a service security: challenges and solutions’. Informatics and Systems (INFOS). 2010 The 7th Int. Conf. on. Informatics and Systems (lNFOS), 2010, 2010, pp. 18.
    10. 10)
      • 17. Arif, M., Shakeel, H.: ‘Virtualization security: analysis and open challenges’, Int. J. Hybrid Inf. Technol., 2015, 8, (2), pp. 237246.
    11. 11)
      • 22. Wang, Y., Li, J., Meng, K., et al: ‘Modeling and security analysis of network using attack-defence stochastic game net’, Security Commun. Netw., 2013, 6, (1), pp. 8999.
    12. 12)
      • 16. Wang, Y., Lin, C., Ungsunan, P.D.: ‘Modeling and survivability analysis of service composition using stochastic petri nets’, J. Super Comput., 2011, 56, (1), pp. 79105.
    13. 13)
      • 14. Fitó, J.O., Guitart, J.: ‘Business-driven management of infrastructure-level risks in Cloud providers’, Futur. Gener. Comput. Syst., 2014, 32, pp. 4153.
    14. 14)
      • 6. Guan, B., Wu, J., Wang, Y., et al: ‘CIVSched: a communication-aware inter-VM scheduling technique for decreased network latency between collocated VMs’, IEEE Trans. Cloud Comput, 2014, 2, (3), pp. 320332.
    15. 15)
      • 7. Latif, R., Abbas, H., Assar, S., et al: ‘Cloud computing risk assessment: a systematic literature review’. Future Information Technology, Springer, Berlin, Heidelberg, 2014, pp. 285295.
    16. 16)
      • 11. Luo, S., Lin, Z., Chen, X.: ‘Virtualization security for cloud computing service’. Cloud and Service Computing (CSC), 2011 Int. Conf. Cloud and Service Computing (CSC), 2011, pp. 174179.
    17. 17)
      • 21. Dhople, S.V., DeVille, L., Domínguez-García, A.D.: ‘A stochastic hybrid systems framework for analysis of Markov reward models [J]’, Reliab. Eng. Syst. Saf., 2014, 123, pp. 158170.
    18. 18)
      • 23. Yu, M., Wang, Y., Liu, L., et al: ‘Modeling and analysis of email worm propagation based on stochastic game nets’. PDCAT 2011, 2011, vol. 8.
    19. 19)
      • 4. Jasti, A., Shah, P., Nagaraj, R., et al: ‘Security in multi-tenancy cloud’. In Security technology (ICCST). 2010 IEEE Int. Carnahan Conf. Security Technology (lCCST), 2010, pp. 3541.
    20. 20)
      • 24. Wang, Y., Lin, C., Meng, K.: ‘Security analysis for online banking system using hierarchical stochastic game nets model’. IEEE Global Communications Conf., 2009.
    21. 21)
      • 19. Wang, Y., Yu, M., Li, J., et al: ‘Stochastic game net and applications in security analysis for enterprise network [J]’, Int. J. Inf. Security, 2012, 11, (1), pp. 4152.
    22. 22)
      • 3. Wang, Z., Jiang, X.: ‘HyperSafe: a lightweight approach to provide lifetime hypervisor control-flow integrity’. Security and Privacy (SP), 2010 IEEE Symp. Security and Privacy (SP), 2010 IEEE Symp. on, 2010, pp. 380395.
    23. 23)
      • 15. Furuncu, E., Sogukpinar, I.: ‘Scalable risk assessment method for cloud computing using game theory (CCRAM)’, Comput. Stand. Interfaces, 2015, 38, pp. 4450.
    24. 24)
      • 9. Zhang, Q., Wu, Y., Cui, D., et al: ‘Research on the security of storage virtualization based on trusted computing’. Int. Conf. Networking and Digital Society, 2010.
    25. 25)
      • 20. Lv, J.J., Zhao, C.: ‘Security analysis of online digital goods business based on stochastic game net model’, Security Commun. Netw., 2016, 9, pp. 587598.
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2017.0038
Loading

Related content

content/journals/10.1049/iet-ifs.2017.0038
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading
Print this page
This is a required field
Please enter a valid email address