收录:
摘要:
A key problem with much of the literature on cloud services evaluation is that it fails to consider the context and the dependencies between the evaluation criteria spanning different services and the various, and often conflicting, customers' requirements. Different aspects are important for different applications, and the choice of evaluation criteria needs to reflect this. This paper proposes a method for selecting the core security evaluation criteria based on the cause-effect relationships between the services, threats, vulnerabilities, and security controls using multiple evaluation factors including the importance, likelihood, and impact. The Analytic Network Process (ANP) is used to estimate the direct influence between the attributes, and the Decision Making Trial and Evaluation Laboratory (DEMATEL) is used to obtain the total influences (direct and indirect) between those attributes. The goal is not to blindly use all the criteria that exist in the literature, but instead to identify those that are most relevant to the context of the evaluation considering the characteristics of cloud service models, deployment models, and the overall evaluation context. This allows to focus on the situation and eliminate unnecessary tasks.
关键词:
通讯作者信息:
电子邮件地址:
来源 :
2019 IEEE 11TH INTERNATIONAL CONFERENCE ON COMMUNICATION SOFTWARE AND NETWORKS (ICCSN 2019)
ISSN: 2159-3566
年份: 2019
页码: 731-735
语种: 英文
归属院系: