Wen Zeng, Wenjing Yan, Emily Simpson, Carlos Molina–Jimenez
{"title":"基于云的软件迁移过程的定量风险评估","authors":"Wen Zeng, Wenjing Yan, Emily Simpson, Carlos Molina–Jimenez","doi":"10.1002/cpe.70009","DOIUrl":null,"url":null,"abstract":"<div>\n \n <p>Cloud migration is the process of moving data, files, and applications to a cloud computing environment. With the success of cloud computing, cloud migration is becoming fashionable. However, different cloud service providers have their own migration processes as currently, no standard cloud-based software migration procedure exists to guide how to move digital resources to the cloud. Moreover, there are serious security risks associated with cloud migration processes that threaten business processes that have not been systematically analyzed. In addition, no formal models and security metrics exist to evaluate and analyze these risks. Therefore, it is necessary to develop a generic approach with real customer use cases. In this study, firstly, we will develop a general cloud-based software migration procedure to help organizations migrate their digital resources to cloud platforms. Secondly, we will develop a risk assessment model for analyzing migration processes. Thirdly, on the basis of this risk assessment model, we use stochastic colored Petri nets to describe the dynamic behavior of the model, thus the concurrency, synchronization, mutual exclusion, and conflicts can be analyzed to assess the risks of migration automatically. Fourthly, security metrics will be defined to quantitatively evaluate the risks and vulnerabilities of the organizations. We believe that this study can help chief information officers identify which risk will have more opportunity to occur during the migration processes and make informed decisions about software migration and security.</p>\n </div>","PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"37 6-8","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2025-03-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Quantitative Risk Assessment for Cloud-Based Software Migration Processes\",\"authors\":\"Wen Zeng, Wenjing Yan, Emily Simpson, Carlos Molina–Jimenez\",\"doi\":\"10.1002/cpe.70009\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div>\\n \\n <p>Cloud migration is the process of moving data, files, and applications to a cloud computing environment. With the success of cloud computing, cloud migration is becoming fashionable. However, different cloud service providers have their own migration processes as currently, no standard cloud-based software migration procedure exists to guide how to move digital resources to the cloud. Moreover, there are serious security risks associated with cloud migration processes that threaten business processes that have not been systematically analyzed. In addition, no formal models and security metrics exist to evaluate and analyze these risks. Therefore, it is necessary to develop a generic approach with real customer use cases. In this study, firstly, we will develop a general cloud-based software migration procedure to help organizations migrate their digital resources to cloud platforms. Secondly, we will develop a risk assessment model for analyzing migration processes. Thirdly, on the basis of this risk assessment model, we use stochastic colored Petri nets to describe the dynamic behavior of the model, thus the concurrency, synchronization, mutual exclusion, and conflicts can be analyzed to assess the risks of migration automatically. Fourthly, security metrics will be defined to quantitatively evaluate the risks and vulnerabilities of the organizations. We believe that this study can help chief information officers identify which risk will have more opportunity to occur during the migration processes and make informed decisions about software migration and security.</p>\\n </div>\",\"PeriodicalId\":55214,\"journal\":{\"name\":\"Concurrency and Computation-Practice & Experience\",\"volume\":\"37 6-8\",\"pages\":\"\"},\"PeriodicalIF\":1.5000,\"publicationDate\":\"2025-03-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Concurrency and Computation-Practice & Experience\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1002/cpe.70009\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, SOFTWARE ENGINEERING\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Concurrency and Computation-Practice & Experience","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/cpe.70009","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
Quantitative Risk Assessment for Cloud-Based Software Migration Processes
Cloud migration is the process of moving data, files, and applications to a cloud computing environment. With the success of cloud computing, cloud migration is becoming fashionable. However, different cloud service providers have their own migration processes as currently, no standard cloud-based software migration procedure exists to guide how to move digital resources to the cloud. Moreover, there are serious security risks associated with cloud migration processes that threaten business processes that have not been systematically analyzed. In addition, no formal models and security metrics exist to evaluate and analyze these risks. Therefore, it is necessary to develop a generic approach with real customer use cases. In this study, firstly, we will develop a general cloud-based software migration procedure to help organizations migrate their digital resources to cloud platforms. Secondly, we will develop a risk assessment model for analyzing migration processes. Thirdly, on the basis of this risk assessment model, we use stochastic colored Petri nets to describe the dynamic behavior of the model, thus the concurrency, synchronization, mutual exclusion, and conflicts can be analyzed to assess the risks of migration automatically. Fourthly, security metrics will be defined to quantitatively evaluate the risks and vulnerabilities of the organizations. We believe that this study can help chief information officers identify which risk will have more opportunity to occur during the migration processes and make informed decisions about software migration and security.
期刊介绍:
Concurrency and Computation: Practice and Experience (CCPE) publishes high-quality, original research papers, and authoritative research review papers, in the overlapping fields of:
Parallel and distributed computing;
High-performance computing;
Computational and data science;
Artificial intelligence and machine learning;
Big data applications, algorithms, and systems;
Network science;
Ontologies and semantics;
Security and privacy;
Cloud/edge/fog computing;
Green computing; and
Quantum computing.