Journal of Machines and Computing


Evaluation of the Cyber Security Risk Models (CSRM) in Cloud Computing



Journal of Machines and Computing

Received On : 30 January 2022

Revised On : 25 March 2022

Accepted On : 18 May 2022

Published On : 05 July 2022

Volume 02, Issue 03

Pages : 124-133


Abstract


Many devices in the Internet of Things (IoT) ecosystem may be susceptible to cyberattacks due to their diverse nature and lack of standardization. Resource-constrained IoT devices include sensor nodes, smart gadgets, and wearable devices. An organization's RAP (Risk Assessment Process) integrates the evaluation of hazards that are linked to all its resources, as well as the evaluation and prioritization of these risks. It is crucial to begin the risk management process with an accurate and thorough risk assessment. The Cyber Security Risk Models (CSRMs) in Cloud Computing are examined in this research. To understand the uniqueness of IoT systems and why present risk assessment methodologies for IoT are ineffective, it is necessary to understand the current state of risk assessment for IoT. There are constraints to periodic evaluations IoT due to device interoperability. Continuous testing of IoT solutions is thus essential.


Keywords


Internet of Things (IoT), Cyber Security Risk Models (CSRM), Risk Assessment Process (RAP), Confidentiality, Integrity, Availability (CIA).


  1. M. H. Amini, J. Mohammadi, and S. Kar, “Promises of fully distributed optimization for IoT-based smart city infrastructures,” in Advances in Intelligent Systems and Computing, Cham: Springer International Publishing, 2020, pp. 15–35.
  2. W. Zheng, J. Cheng, X. Wu, R. Sun, X. Wang, and X. Sun, “Domain knowledge-based security bug reports prediction,” Knowl. Based Syst., vol. 241, no. 108293, p. 108293, 2022.
  3. S. M. H. Anik, X. Gao, N. Meng, P. R. Agee, and A. P. McCoy, “A cost-effective, scalable, and portable IoT data infrastructure for indoor environment sensing,” J. Build. Eng., vol. 49, no. 104027, p. 104027, 2022.
  4. T. Rajmohan, P. H. Nguyen, and N. Ferry, “A decade of research on patterns and architectures for IoT security,” Cybersecurity, vol. 5, no. 1, 2022.
  5. Gartner.com. [Online]. Doi: https://www.gartner.com/imagesrv/books/iot/iotEbook_digital.pdf. [Accessed: 05-Mar-2022].
  6. C. Wheelus and X. Zhu, “IoT network security: Threats, risks, and a data-driven defense framework,” IoT, vol. 1, no. 2, pp. 259–285, 2020.
  7. F. Basya, M. Hardjanto, and I. Permana Putra, “SHA512 and MD5 algorithm vulnerability testing using Common Vulnerability Scoring System (CVSS),” bit-cs, vol. 3, no. 1, pp. 1–4, 2022.
  8. S. Goswami, N. Krishnan, M. Verma, S. Saurabh Swarnkar and P. Mahajan, "Reducing Attack Surface of a Web Application by Open Web Application Security Project Compliance", Defence Science Journal, vol. 62, no. 5, pp. 324-330, 2012. Doi: 10.14429/dsj.62.1291.
  9. S. Ramanauskaitė, N. Goranin, A. Čenys and J. Juknius, "Modelling influence of Botnet features on effectiveness of DDoS attacks", Security and Communication Networks, vol. 8, no. 12, pp. 2090-2101, 2014. Doi: 10.1002/sec.1156.
  10. S. Bonvicini, S. Ganapini, G. Spadoni and V. Cozzani, "The Description of Population Vulnerability in Quantitative Risk Analysis", Risk Analysis, vol. 32, no. 9, pp. 1576-1594, 2012. Doi: 10.1111/j.1539-6924.2011.01766.x.
  11. "McAfee Labs Threats Report: December 2018", Computer Fraud & Security, vol. 2019, no. 1, pp. 4-4, 2019. Doi: 10.1016/s1361-3723(19)30004-1.
  12. R. Borum, "Operationally relevant research and practice in terrorism threat assessments.", Journal of Threat Assessment and Management, vol.2, no. 3-4, pp. 192-194, 2015. Doi: 10.1037/tam0000046.
  13. Z. Qian and Y. Wang, "Internet of Things-oriented Wireless Sensor Networks Review", Journal of Electronics & Information Technology,vol. 35, no. 1, pp. 215-227, 2014. Doi: 10.3724/sp.j.1146.2012.00876.
  14. I. Lee, "Internet of Things (IoT) Cybersecurity: Literature Review and IoT Cyber Risk Management", Future Internet, vol. 12, no. 9, p. 157,2020. Doi: 10.3390/fi12090157.
  15. G. Krigsvoll, M. Fumo and R. Morbiducci, "National and International Standardization (International Organization for Standardization and European Committee for Standardization) Relevant for Sustainability in Construction", Sustainability, vol. 2, no. 12, pp. 3777-3791, 2010. Doi:10.3390/su2123777.
  16. "Healthcare organisations struggle to maintain security", Network Security, vol. 2015, no. 10, pp. 1-2, 2015. Doi: 10.1016/s1353-4858(15)30084-2

Acknowledgements


The authors would like to thank to the reviewers for nice comments on the manuscript.


Funding


No funding was received to assist with the preparation of this manuscript.


Ethics declarations


Conflict of interest

The authors have no conflicts of interest to declare that are relevant to the content of this article.


Availability of data and materials


No data available for above study.


Author information


Contributions

All authors have equal contribution in the paper and all authors have read and agreed to the published version of the manuscript.


Corresponding author


Rights and permissions


Open Access This article is licensed under a Creative Commons Attribution NoDerivs is a more restrictive license. It allows you to redistribute the material commercially or non-commercially but the user cannot make any changes whatsoever to the original, i.e. no derivatives of the original work. To view a copy of this license, visit https://creativecommons.org/licenses/by-nc-nd/4.0/


Cite this article


Hossein Anisi, “Evaluation of the Cyber Security Risk Models (CSRM) in Cloud Computing”, Journal of Machines and Computing, vol.2, no.3, pp. 124-133, July 2022. doi: 10.53759/7669/jmc202202017.


Copyright


© 2022 Hossein Anisi. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.