Download PDFOpen PDF in browserRisk and Trust Models for the CloudEasyChair Preprint 69286 pages•Date: October 26, 2021AbstractRisk in itself is not bad, risk is essential to progress, and failure is often a key part of learning. But we must learn to balance the possible negative consequences of risk against the potential benefits of its associated opportunity. With the increase in the growth of cloud computing and the changes in technology that have resulted new ways for cloud providers to deliver their services to cloud consumers, the cloud consumers should be aware of the risks and vulnerabilities present in the current cloud computing environment. An information security risk assessment is designed specifically for that task. However, there is lack of structured risk assessment approach to do it. In this paper, firstly, I provide the definition of risk, also risk analysis, assessment, and management as well as their relationship and differences. Secondly, this paper will define the term “threat” and introduce the top threats and vulnerabilities for cloud computing by Cloud Security Alliance (CSA). Next, I present a cloud risk management by European Network and Information Security Agency (ENISA). The last section is about risk and trust models, and it also introduce two models developed by A4Cloud, which are Cloud adopted risk assessment model (CARAM) and the Joint risk and trust model (JRTM). Keyphrases: Cloud Computing, Cloud Risk Assessment, Risk and trust assessment, risk analysis, trust model
|