Threat and countermeasure patterns for cloud computing

Abstract

Recently cloud computing markets have expanded, and there are various kind of services and their providers. How-ever, Security is the primary concern of cloud users. However, service providers are unaware precisely of the types of security countermeasures required for their cloud servers. A method to define what the type security required for each operator using two security patterns are proposed. One is for typical threats and the other is for typical countermeasures. Using the two patterns with the relationship information among the functions, cloud components and stakeholders, the security coverage of the cloud and the security duties of each operator become clear.