
2019 | OriginalPaper | Chapter

CSCCRA: A Novel Quantitative Risk Assessment Model for Cloud Service Providers

Authors: Olusola Akinrolabu, Steve New, Andrew Martin

Published in: Information Systems

Publisher: Springer International Publishing


Abstract

Assessing and managing cloud risks can be a challenge, even for cloud service providers (CSPs), due to the increased number of parties, devices and applications involved in cloud service delivery. The limited visibility of security controls down the supply chain further exacerbates this risk assessment challenge. As such, we propose the Cloud Supply Chain Cyber Risk Assessment (CSCCRA) model, a quantitative risk assessment model supported by cloud supplier security assessment (CSSA) and cloud supply chain mapping (CSCM). Using the CSCCRA model, we assess the risk of a Customer Relationship Management (CRM) application, mapping its supply chain to identify weak links, evaluating its security risks and presenting the risk value in dollar terms, thereby promoting cost-effective risk mitigation and optimal risk prioritisation.


Metadata

Title: CSCCRA: A Novel Quantitative Risk Assessment Model for Cloud Service Providers
Authors: Olusola Akinrolabu, Steve New, Andrew Martin
Copyright Year: 2019
DOI: https://doi.org/10.1007/978-3-030-11395-7_16
