Taha, Ahmed and Lawall, Alexander and Suri, Neeraj (2023) Cloud Security Requirement Based Threat Analysis. In: 2023 International Conference on Computing, Networking and Communications, ICNC 2023. 2023 International Conference on Computing, Networking and Communications, ICNC 2023 . Institute of Electrical and Electronics Engineers Inc., USA, pp. 506-510. ISBN 9781665457194
Full text not available from this repository.Abstract
Threat analysis (TA) is a process to identify, detect, and evaluate security vulnerabilities systematically. Specifically, the TA, which focuses on threats that can potentially violate the customer's data ownership requirements of security and performance, is named Requirement Based Threat Analysis (RBTA). Despite the importance of RBTA, the current manual RBTA process is both time intensive and makes no assurance of completeness of the analysis. Thus, we develop a systematic analytic technique that enumerates customers' requirements and then determines all possible direct/indirect dependencies across them to conduct a generalized threat analysis from their requirements. The approach is validated for its effectiveness on actual Cloud customer requirements and can be generalized to apply to other requirements.