AHP-based quantitative approach for assessing and comparing cloud security

Taha, A. and Trapero, R. and Luna, J. and Suri, Neeraj (2014) AHP-based quantitative approach for assessing and comparing cloud security. In: 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications. IEEE, pp. 284-291. ISBN 9781479965137

Full text not available from this repository.


While Cloud usage increasingly involves security considerations, there is still a conspicuous lack of techniques for users to assess/ensure that the security level advertised by the Cloud Service Provider (CSP) is actually delivered. Recent efforts have proposed extending existing Cloud Service Level Agreements (SLAs) to the security domain, by creating Security SLAs (SecLAs) along with attempts to quantify and reason about the security assurance provided by CSPs. However, both technical and usability issues limit their adoption in practice. In this paper we introduce a new technique for conducting quantitative and qualitative analysis of the security level provided by CSPs. Our methodology significantly improves upon contemporary security assessment approaches by creating a novel decision making technique based on the Analytic Hierarchy Process (AHP) that allows the comparison and benchmarking of the security provided by a CSP based on its SecLA. Furthermore, our technique improves security requirements specifications by introducing a flexible and simple methodology that allows users to identify their specific security needs. The proposed technique is demonstrated with real-world CSP data obtained from the Cloud Security Alliance's Security, Trust and Assurance Registry. © 2014 IEEE.

Item Type:
Contribution in Book/Report/Proceedings
ID Code:
Deposited By:
Deposited On:
14 Oct 2019 13:46
Last Modified:
21 Nov 2022 17:07