Show simple item record

dc.contributor.authorAkinrolabu, O
dc.contributor.authorNew, S
dc.contributor.authorMartin, A
dc.date.accessioned2020-03-23T05:58:03Z
dc.date.available2020-03-23T05:58:03Z
dc.date.issued2019
dc.identifier.isbn9781728116600
dc.identifier.doi10.1109/CSCloud/EdgeCom.2019.00-14
dc.identifier.urihttp://hdl.handle.net/10072/392557
dc.description.abstractCloud computing is widely believed to be the future of computing. It has grown from being a promising idea to one of the fastest research and development paradigms of the computing industry. However, security and privacy concerns represent a significant hindrance to the widespread adoption of cloud computing services. Likewise, the attributes of the cloud such as multi-tenancy, dynamic supply chain, limited visibility of security controls and system complexity, have exacerbated the challenge of assessing cloud risks. In this paper, we conduct a real-world case study to validate the use of a supply chaininclusive risk assessment model in assessing the risks of a multicloud SaaS application. Using the components of the Cloud Supply Chain Cyber Risk Assessment (CSCCRA) model, we show how the model enables cloud service providers (CSPs) to identify critical suppliers, map their supply chain, identify weak security spots within the chain, and analyse the risk of the SaaS application, while also presenting the value of the risk in monetary terms. A key novelty of the CSCCRA model is that it caters for the complexities involved in the delivery of SaaS applications and adapts to the dynamic nature of the cloud, enabling CSPs to conduct risk assessments at a higher frequency, in response to a change in the supply chain.
dc.description.peerreviewedYes
dc.publisherIEEE
dc.relation.ispartofconferencename2019 6th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/ 2019 5th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom)
dc.relation.ispartofconferencetitleProceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019
dc.relation.ispartofdatefrom2019-06-21
dc.relation.ispartofdateto2019-06-23
dc.relation.ispartoflocationParis, France
dc.relation.ispartofpagefrom81
dc.relation.ispartofpageto88
dc.subject.fieldofresearchComputer System Security
dc.subject.fieldofresearchcode080303
dc.titleAssessing the Security Risks of Multicloud SaaS Applications: A Real-World Case Study
dc.typeConference output
dc.type.descriptionE1 - Conferences
dcterms.bibliographicCitationAkinrolabu, O; New, S; Martin, A, Assessing the Security Risks of Multicloud SaaS Applications: A Real-World Case Study, Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019, 2019, pp. 81-88
dc.date.updated2020-03-23T05:55:31Z
dc.description.versionAccepted Manuscript (AM)
gro.rights.copyright© 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
gro.hasfulltextFull Text
gro.griffith.authorMartin, Andrew


Files in this item

This item appears in the following Collection(s)

  • Conference outputs
    Contains papers delivered by Griffith authors at national and international conferences.

Show simple item record