Cloud Computing: A Risk Assessment Model

Abstract

Cloud computing has recently emerged compelling paradigm by introducing several characteristics such as on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. Despite the fact that cloud computing offers huge cost benefits for companies, the unique security challenges have been introduced in a cloud environment that make risk assessment challenging. Cloud consumers need a protection to their cloud applications against cyber attacks. Although some security controls and policies are devised for each element of cloud computing, we need a framework with overall quantitative risk assessment model. The aim of this paper is to propose a framework for assessing the security risks associated with cloud computing platforms. The fully quantitative, iterative, and incremental approach enables cloud customer/provider to assess and manage cloud security risks. A proper result of risk assessment leads to have appropriate risk management mechanism for mitigating risks and reach to an acceptance security level.