№2, 2014

DEVELOPMENT OF COLLABORATIVE RISK ASSESSMENT METHOD FOR DYNAMIC FEDERATION OF CLOUDS

Fargana C. Abdullayeva

The article suggests an approach for the providing of the dynamic federation of clouds. An approach is based on risk assessment technology and allows the use of cloud federations without the need of identity federation. Here for the solving of this problem first of all an important factors which are capable of seriously influencing of the information security level of clouds are selected and then hierarchical risk assessment architecture is proposed based on these factors. Then by applying of the AHP methodology cloud provider’s risk priority vectors are formed and on the basis of this vector fuzzy logic based risk value calculation is provided. (pp. 46-58)

Keywords: cloud computing, federation, risk assessment, multi-tenancy
References
  • Alguliev R.M., Abdullayeva F.C. Identity management based security architecture of cloud computing on multi-agent systems / Proc. of the third international conference on Innovative Computing Technology (INTECH), 2013, pp.123–126.
  • Əliquliyev R.M., Abdullayeva F.C. Bulud texnologiyalarının təhlükəsizlik problemlərinin tədqiqi və analizi // İnformasiya Texnologiyaları Problemləri, 2013, №.1, s.3–14.
  • Carlini E., Coppola M., Dazzi P., Ricci L., Righetti G. Cloud Federations in Contrail / Proc. Euro-Par 2011: Parallel Processing Workshops, 2012, vol.7155, pp.159–168.
  • Rochwerger B. et al. The reservoir model and architecture for open federated cloud computing // IBM Journal of Research and Development, 2009, vol.53, no.4, pp. 535–545.
  • Buyya R., Broberg J., Goscinski A. Cloud Computing: Principles and Paradigms. John Wiley & Sons Inc., 2011, 637 p.
  • Kurze T., Klems M., Bermbach D., Lenk A., Tai S., Kunze M. Cloud Federation / Proc. of the second international conference on Cloud Computing, GRIDs, and Virtualization, 2011, pp.32–38.
  • Webster New World College Dictionary, http://www.yourdictionary.com/federation.
  • Lee H., Jeun I., Jung H. Criteria for evaluating the privacy protection level of identity management services / Proc. of the third international conference on Emerging Security Information, Systems and Technologies (SECURWARE), 2009, pp.155–160.
  • Maler E., Reed D. The venn of identity: Options and issues in federated identity management // IEEE Security & Privacy, 2008, vol.6, no.2, pp.16–23.
  • Santos D.R., Westphall C.M., Westphall C.B. Risk based dynamic access control for a highly scalable cloud federation / Proc. of the seventh international conference on Emerging Security Information, Systems and Technologies (SECURWARE 2013), 2013, pp.8–13.
  • Cabarcos P.A. Risk assessment for better Identity Management in pervasive environments / Proc. of the IEEE international conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), 2011, pp.389–390.
  • ETSI GS INS 004. Identity and access management for Networks and Services; Dynamic federation negotiation and trust management in IdM systems, 2010, 18 p.
  • Arias P.C., Marin A.L., Sanchez R.G., Almenares F.M., Sanchez D.D. A metric-based approach to assess risk for On cloud federated identity management // Journal of Network and Systems Management, 2012, vol.20, no.4, pp.513−533.
  • Latif R., Abbas H., Assar S., Ali Q. Cloud Computing Risk Assessment: A Systematic Literature Review // Future Information Technology, Lecture Notes in Electrical Engineering, 2014, vol.276, pp.285–295.
  • Ammar F.B., Hafsa I.H., Ouni F. Analytic Hierarchical Process for Multicriteria Decision Making in design of Flying Voltage Source Multilevel Inverters // European Journal of Electrical Engineering, 2011, vol.14, no.6, pp.719–756.
  • Nataraj S. Analytic Hierarchy Process as a Decision-Support System in the Petroleum Pipeline Industry // Issues in Information Systems, 2005, vol.VI, no.2, pp.16–21.