ДВУХЭТАПНАЯ ПРОЦЕДУРА КОЛИЧЕСТВЕННОЙ ОЦЕНКИ РИСКА ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ ОБЛАЧНЫХ ВЫЧИСЛЕНИЙ
Работая с нашим сайтом, вы даете свое согласие на использование файлов cookie. Это необходимо для нормального функционирования сайта, показа целевой рекламы и анализа трафика. Статистика использования сайта отправляется в «Яндекс» и «Google»
Научный журнал Моделирование, оптимизация и информационные технологииThe scientific journal Modeling, Optimization and Information Technology
Online media
issn 2310-6018

TWO-STAGE PROCEDURE OF QUANTITATIVE ASSESSMENT OF INFORMATION SECURITY RISK OF CLOUD COMPUTING

Tsaregorodtsev A.V.,  Zelenina A.N.,  Savel'yev V.A. 

UDC 004.056:061.68
DOI:

  • Abstract
  • List of references
  • About authors

When organizations use cloud services, special attention to ensuring the security of their computing resources and information assets should be paid. It is one of the most important factors in making decisions on outsourcing services. Adopting a new model of providing IT services using cloud technologies and managing information risks is impossible without understanding the possible types of threats that organizations may face. The authors propose a methodology for assessing information security risks that allows analyzing the cloud services security under the impact of the threat classes under consideration, as well as a set of effective measures and means to counteract these threats. The proposed method for assessing risks for different types of deployment of cloud environments is aimed at identifying the countermeasures to possible attacks and correlating the amount of damage with the total cost of ownership of the entire infrastructure of information resources of the organization.

1. Tsaregorodtsev, A.V. Odin iz podkhodov k otsenke riskov informatsionnoy bezopasnosti v oblachnykh sredakh [Tekst] / Tsaregorodtsev, A.V., Malyuk, A.A., Makarenko, Ye.V. // Bezopasnost' informatsionnykh tekhnologiy. – M., 2014. – №4. – P.68-74.

2. Tsaregorotsev, A. Automation of the distribution process of sensitive data processing in a hybrid cloud computing environment [Текст] / Tsaregorotsev, A., Zelenina A. // Information Technology Applications. – Bratislava, Slovakia, 2016. – №1. – С.137-149.

3. Tsaregorodtsev, А. Methodology of vulnerability assessment for various types of cloud structures [Текст] / Tsaregorodtsev, А., Zelenina, А., Ružický, E. // Information Technology Applications. – Bratislava, Slovakia, 2017. – №1. – С.51-60.

Tsaregorodtsev Anatoly Valeryevich
Doctor of Technical Sciences, Professor
Email: academic_tsar@mail.ru

Moscow State Linguistic University

Moscow, Russian Federation

Zelenina Anna Nikolaevna
Candidate of Technical Sciences, Associate Professor
Email: snakeans@gmail.com

Voronezh Institute of High Technologies

Voronezh, Russian Federation

Savel'yev Vasiliy Aleksandrovich

Email: basek77@gmail.com

Moscow State Linguistic University

Moscow, Russian Federation

Keywords: information security, cloud computing, risk assessment, risk model, frequency of exploit use, damage during the implementation of the exploit

For citation: Tsaregorodtsev A.V., Zelenina A.N., Savel'yev V.A. TWO-STAGE PROCEDURE OF QUANTITATIVE ASSESSMENT OF INFORMATION SECURITY RISK OF CLOUD COMPUTING. Modeling, Optimization and Information Technology. 2017;5(4). URL: https://moit.vivt.ru/wp-content/uploads/2017/10/ZaregorodzevSoavtori_4_1_17.pdf DOI: (In Russ).

659

Full text in PDF

Published 31.12.2017