Culminating Project Title
Date of Award
Culminating Project Type
Information Assurance: M.S.
Information Assurance and Information Systems
Herberger School of Business
Dr. Abdullah Abu Hussein
Dr. Lynn Collen
Dr. Balsy Kasi
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.
Keywords and Subject Headings
Platform-as-a-service security issues, cloud security, quantification of risks
Cloud computing is a scalable and cost-effective technology being adopted by organizations to increase profits and flexibility. Due to the nature of cloud service models, security is a big concern for organizations. In this paper, we discussed the security issues in the Platform-as-a-Service cloud service model and the various possible attack types on PaaS. PaaS has a number of stakeholders such as developers, testers, deployers, and administrators. PaaS stakeholders have different security goals, objectives, and tolerance to risks. Organizations need to understand the possible threats, source of those threats, and different security requirements of their stakeholders in a PaaS service model so that they can measure the risks accurately and implement effective security controls. The objective of the study is to provide stakeholders of PaaS with means to quantify the security threats in PaaS cloud services. We studied the different ways in the literature to measure the security risks in cloud computing. We proposed our methodology to quantify security in PaaS from a stakeholder’s point of view, considering their interactions with various PaaS components and the tasks they perform. We identified the stakeholders, their interactions with different components, and the tasks they perform by creating a taxonomy. We then used a well-known metric, Mean Failure Cost, to quantify the failure cost of PaaS components as pertinent to stakeholders. This will help the organizations to assess their security controls and implement better security measures.
Chauhan, Anuradha, "QUANTIFYING SECURITY IN PLATFORM AS A SERVICE USING MEAN FAILURE COST: A STAKEHOLDER’S PERSPECTIVE" (2021). Culminating Projects in Information Assurance. 113.