Show simple item record

dc.contributor.authorBuyonje, Vicent
dc.date.accessioned2019-10-07T07:46:58Z
dc.date.available2019-10-07T07:46:58Z
dc.date.issued2018-04
dc.identifier.urihttp://hdl.handle.net/10570/7450
dc.description.abstractCloud computing has emerged as a powerful model for managing and delivering services over the Internet. It is swiftly transforming the information technology delivery view and fundamentally realizing the commitment of utility computing. Cloud computing provides for scalable and mobile hardware and software provisions that decrease operational costs among other advantages. However even with its many advantages cloud computing is still marred by security issues ranging from Distributed-Denial-of-Service attacks to system-device vulnerabilities, mainly because private data is entrusted to another party. Various procedures have been proposed to address the security issues of cloud including; co-residency detection, provable data possession and cryptographic protocols. However security still remains as the number one hindrance to cloud computing adoption. Therefore before mitigating the security vulnerabilities of cloud system it is important to define the weakness boundaries for proper benchmarking by measuring the security of the system basing on the threats and vulnerabilities. With this perspective various research has been done to address the issue of security measurement. However the security metrics proposed do not address the issue of uncertainty in their algorithms. Given that the attack vector of the adversary is random and undefined it is necessary to quantify the randomness of the attacker’s path and vulnerability exploited. In this dissertation we investigate how the security of a cloud infrastructure can be measured with respect to attacker uncertainty. We investigate how security based cloud system infrastructures can be modeled with further focus on threat and vulnerability modeling. We further propose a probabilistic information theory based metric using Shannon entropy and combined with a Bayesian networks based metric for this purpose. For metric testing we construct a security based cloud system for which further model the attack paths using attack trees and analyzed with entropy and the vulnerabilities modeled with attack paths are analyst with Bayesian networks. For systems comparisons we vary the implemented devices and service for which we obtain the scores. Through this research we provide an uncertainty based approach for security met- rics in cloud computing. For the provided metric a demonstration of its quantitative application is performed and analyzed on constructed threat models using attack trees and attack graphs. Therefore with the metric we provide a procedure for quantitative evaluation of cloud security to enable: security issues identification, assigning cloud security level scores and comparison between cloud infrastructures.en_US
dc.language.isoenen_US
dc.publisherMakerere Universityen_US
dc.subjectCloud computingen_US
dc.subjectSecurity modelsen_US
dc.subjectSecurity metricsen_US
dc.subjectUncertainty measuringen_US
dc.titleUncertainty based approach of modelling for security metrics in cloud computingen_US
dc.typeThesisen_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record