Research Output
Cloud Security, Privacy, and Trust Baselines
  According to ISO 27001, a threat is a potential event. When a threat turns into an actual event, it may cause an undesirable incident. It is undesirable because the incident may harm an organization or a system, causing a security incident and/or the violation of users’ privacy. Existing attempts to classify threats identi ed in cloud environments are either based on major cloud dependencies (such as the network or the shared memory of VMs) or on the use of various risk assessment tools [1], like CRAMM and Octave [2,3]. e classi cation method presented in this chapter uses three distinct categories: threats related to the infrastructure, threats related to the service provider, and generic threats. e key objective of the proposed classi cation is to lessen the burden on the cloud administrators in securityrelated issues, by pointing out the major problems that emerge and thus saving them time and money.

  • Date:

    19 August 2016

  • Publication Status:

    Published

  • Library of Congress:

    QA75 Electronic computers. Computer science

  • Dewey Decimal Classification:

    005.8 Data security

  • Funders:

    Historic Funder (pre-Worktribe)

Citation

Pitropakis, N., Katsikas, S., & Lambrinoudakis, C. (2016). Cloud Security, Privacy, and Trust Baselines. In Cloud Computing Security Foundations and Challenges. Boca Raton: CRC Press (Taylor and Francis Group)

Authors

Keywords

Data security, cyber security, ISO 27001, cloud security,

Monthly Views:

Available Documents