Patricia Arias Cabarcos, F. Almenárez, Daniel Díaz Sánchez, Andrés Marín López
{"title":"FRiCS: A Framework for Risk-driven Cloud Selection","authors":"Patricia Arias Cabarcos, F. Almenárez, Daniel Díaz Sánchez, Andrés Marín López","doi":"10.1145/3267357.3267362","DOIUrl":null,"url":null,"abstract":"Our devices and interactions in a world where physical and digital realities are more and more blended, generate a continuum of multimedia data that needs to be stored, shared and processed to provide services that enrich our daily lives. Cloud computing plays a key role in these tasks, dissolving resource allocation and computational boundaries, but it also requires advanced security mechanisms to protect the data and provide privacy guarantees. Therefore, security assurance must be evaluated before offloading tasks to a cloud provider, a process which is currently manual, complex and inadequate for dynamic scenarios. However, though there are many tools for evaluating cloud providers according to quality of service criteria, automated categorization and selection based on risk metrics is still challenging. To address this gap, we present FRiCS, a Framework for Risk-driven Cloud Selection, which contributes with: 1) a set of cloud security metrics and risk-based weighting policies, 2) distributed components for metric extraction and aggregation, and 3) decision-making plugins for ranking and selection. We have implemented the whole system and conducted a case-study validation based on public cloud providers' security data, showing the benefits of the proposed approach.","PeriodicalId":263315,"journal":{"name":"Proceedings of the 2nd International Workshop on Multimedia Privacy and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2nd International Workshop on Multimedia Privacy and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3267357.3267362","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Our devices and interactions in a world where physical and digital realities are more and more blended, generate a continuum of multimedia data that needs to be stored, shared and processed to provide services that enrich our daily lives. Cloud computing plays a key role in these tasks, dissolving resource allocation and computational boundaries, but it also requires advanced security mechanisms to protect the data and provide privacy guarantees. Therefore, security assurance must be evaluated before offloading tasks to a cloud provider, a process which is currently manual, complex and inadequate for dynamic scenarios. However, though there are many tools for evaluating cloud providers according to quality of service criteria, automated categorization and selection based on risk metrics is still challenging. To address this gap, we present FRiCS, a Framework for Risk-driven Cloud Selection, which contributes with: 1) a set of cloud security metrics and risk-based weighting policies, 2) distributed components for metric extraction and aggregation, and 3) decision-making plugins for ranking and selection. We have implemented the whole system and conducted a case-study validation based on public cloud providers' security data, showing the benefits of the proposed approach.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
