AN EXPERT SYSTEM FOR CLOUD SERVICE RISK ASSESSMENT
DOI:
https://doi.org/10.26906/SUNZ.2024.1.146Keywords:
Cloud Computing, Cloud Services, Expert System, Fuzzy Inference System, Knowledge Base, Risk Assessment, VulnerabilitiesAbstract
Modern realities require society to implement digital technologies that are becoming increasingly complex and intelligent. Digitalization is becoming an integral component of all spheres of human activity. The trend of development and economic growth of companies and organizations is cloud technologies, which allow organizations to have flexible costs in the IT sector and regulate them by purchasing access to resources and services from providers instead of purchasing the resources and services themselves. For organizations that make decisions related to the use of cloud services, there are difficulties in evaluating and optimally choosing services and providers, because there are no generally accepted guidelines or procedures for this yet. On the other hand, providers face the problem of ensuring the proper quality of cloud services provided to users. Both providers and users need to have tools that allow them to identify and assess the possible risks of cloud services. One of such tools can be an expert system for evaluating cloud services, the concept of which is considered in this article.Downloads
References
Peter Mell Timothy Grance. The NIST Definition of Cloud Computing. Recommendations of the. NIST Special Publication 800-145. September 2011. https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-145.pdf
Cloud computing. IT Enterprise. https://www.it.ua/knowledge-base/technology-innovation/cloud-solutions
What is cloud computing? https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-is-cloud-computing
What is cloud computing? https://www.ibm.com/topics/cloud-computing
What is Cloud Computing? https://cloud.google.com/learn/what-is-cloud-computing
Top 5 Cloud Services Providers 2023. https://savemyleads.com/blog/useful/top-5-cloud-services-providers-2023
Що таке хмарні технології? Переваги та недоліки. https://edin.ua/shho-take-xmarni-texnologi%D1%97-i-navishho-voni-potribni/
The top 10 public cloud providers in 2023. https://www.revolgy.com/insights/blog/the-top-10-public-cloud-providers-2023
Top 10 Cloud Service Providers Globally in 2023. https://dgtlinfra.com/top-cloud-service-providers/
Nayan Ruparelia. Cloud computing. Cambridge, MA : The MIT Press, 2016 – 278 р. https://s3.amazonaws.com/arenaattachments/911381/0ea8a9793158a95d9b91911e49240a43.pdf
T.B. Rehman. Cloud Computing Basics. MERCURY LEARNING AND INFORMATION. Mercury Learning and Information LLC, 2019 – 198 р. https://terrorgum.com/tfox/books/cloudcomputingbasics_aselfteachingintroduction.pdf
Cloud Computing. https://www.javatpoint.com/cloud-computing
ENISA. Cloud computing: benifits, risks and recommendation for information security. Nov 09. https://www.enisa.europa.eu/publications/cloud-computing-risk-assessment
Fotis Kitsios, Elpiniki Chatzidimitriou, Maria Kamariotou. The ISO/IEC 27001 Information Security Management Standard: How to Extract Value from Data in the IT Sector. https://www.researchgate.net/publication/369606652_The_ISOIEC_27001_Information_Security_Management_Standard_How_to_Extract_Value_from_Data_in_the_IT_Sector
INTERNATIONAL STANDARD. ISO/IEC 27017. Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services.
Risk Management in Cloud Computing. https://www.scrut.io/post/risk-management-in-cloud-computing
Pedro Costa, João Paulo Santos, Miguel Mira da Silva. Evaluation Criteria for Cloud Services. https://www.researchgate.net/publication/261436007_Evaluation_Criteria_for_Cloud_Services
Timothy Morrow. 12 Risks, Threats, & Vulnerabilities in Moving to the Cloud. https://insights.sei.cmu.edu/blog/12-risksthreats-vulnerabilities-in-moving-to-the-cloud/
Shannon Jackson-Barnes. Cloud Computing: Common Vulnerabilities and How to Overcome Them. https://www.orientsoftware.com/blog/vulnerability-in-cloud-computing/
Nivedita James Palatty Cloud Vulnerability Management: The Detailed Guide. https://www.getastra.com/blog/securityaudit/cloud-vulnerability-management/
What Is Cloud Vulnerability Assessment And How To Implement It? https://discovercloud.io/what-is-cloud-vulnerabilityassessment-and-how-to-implement-it/
Saumick Basu. 5 Top Cloud Vulnerability Scanners for AWS, Google Cloud, and Azure. https://www.getastra.com/blog/security-audit/cloud-vulnerability-scanner/?nowprocket=1
A Comprehensive Guide to Cloud Vulnerability Management. https://www.clouddefense.ai/guide-to-cloud-vulnerability-management/
Cloud Vulnerability Management Best Practices for 2024. https://www.sentra.io/learn/cloud-vulnerability-management
Martin Zboril. RISK ASSESSMENT METHOD OF CLOUD ENVIRONMENT. Computing and Informatics, Vol. 41, 2022, 1186–1206, doi: 10.31577/cai 2022 5 1186.
E. Cayirci1, A. Garaga, A. Santana de Oliveira, Y. Roudier. A risk assessment model for selecting cloud service providers. Journal of Cloud Computing: Advances, Systems and Applications (2016), DOI 10.1186/s13677-016-0064-x
A Risk Assessment Framework for Cloud Computing. URL: http://eprints.whiterose.ac.uk/95981/
ISO/IEC 27001:2022. Information security, cybersecurity and privacy protection. Information security management systems: https://www.iso.org/standard/27001
ISO 31000:2018. Risk management: https://www.iso.org/iso-31000-risk-management.html
