Skip to main content

2015 | OriginalPaper | Buchkapitel

Human Factors of Social Engineering Attacks (SEAs) in Hybrid Cloud Environment: Threats and Risks

verfasst von : Reza Alavi, Shareeful Islam, Haris Mouratidis

Erschienen in: Global Security, Safety and Sustainability: Tomorrow's Challenges of Cyber Security

Verlag: Springer International Publishing

Aktivieren Sie unsere intelligente Suche um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Conventional patterns of the ways information systems run are rapidly evolving. Cloud computing undisputedly has influenced profoundly in this direction by providing many benefits such as accessibility and availability of resources to organisations. But the economical advantage and the cost impacts are far more attractive to organisations than anything else when it comes to cloud computing. This convenient and attractiveness comes with new phases of security and risk challenges for both cloud providers and clients which requires investment for managing and mitigating them. The challenges get more complicated as the service itself passes geographical and national boundaries which create a completely new paradigm for security, risk, privacy, and more importantly cost implications. Social Engineering Attacks (SEAs) are example of those risks that are very attractive way for attackers for accessing classified data. There are certain constraints for employees when they use LAN. These limitations reduced greatly by the introduction of Cloud and off-site services. This allows attackers to use any compromised passwords from any web-connected device. This paper discusses main issues in migrating to a cloud environment by organisations regarding the human factors of SEAs threats and risks related concepts. The approach provides a set of recommendations for appropriate control actions to mitigate related risks.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literatur
1.
Zurück zum Zitat Pearson, S., Yee, G.: Privacy and Security for Cloud Computing. Springer, London (2013)CrossRef Pearson, S., Yee, G.: Privacy and Security for Cloud Computing. Springer, London (2013)CrossRef
2.
Zurück zum Zitat Alavi, R., Islam, S., Jahankhani, H., Al-Nemrat, A.: Analyzing human factors for an effective information security management system. Int. J. Secure Softw. Eng. (IJSSE) 4, 50–75 (2013)CrossRef Alavi, R., Islam, S., Jahankhani, H., Al-Nemrat, A.: Analyzing human factors for an effective information security management system. Int. J. Secure Softw. Eng. (IJSSE) 4, 50–75 (2013)CrossRef
3.
Zurück zum Zitat Ryan, M.D.: Cloud computing security: the scientific challenge, and a survey of solutions. J. Syst. Softw. 86(9), 2263–2268 (2013)CrossRef Ryan, M.D.: Cloud computing security: the scientific challenge, and a survey of solutions. J. Syst. Softw. 86(9), 2263–2268 (2013)CrossRef
5.
Zurück zum Zitat Alavi, R., Islam, S., Mouratidis, H.: A conceptual framework to analyze human factors of information security management system (ISMS) in organizations. In: Tryfonas, T., Askoxylakis, I. (eds.) HAS 2014. LNCS, vol. 8533, pp. 297–305. Springer, Heidelberg (2014) Alavi, R., Islam, S., Mouratidis, H.: A conceptual framework to analyze human factors of information security management system (ISMS) in organizations. In: Tryfonas, T., Askoxylakis, I. (eds.) HAS 2014. LNCS, vol. 8533, pp. 297–305. Springer, Heidelberg (2014)
6.
Zurück zum Zitat Yin, X., Yurcik, W., Treaster, M., Li, Y., Lakkaraju, K.: VisFlowConnect: netflow visualizations of link relationships for security situational awareness. In: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security. Washington DC, USA, ACM (2004) Yin, X., Yurcik, W., Treaster, M., Li, Y., Lakkaraju, K.: VisFlowConnect: netflow visualizations of link relationships for security situational awareness. In: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security. Washington DC, USA, ACM (2004)
7.
Zurück zum Zitat Maceachren, A.M., Jaiswal, A., Robinson, A.C., Pezanowski, S., Savelyev, A., Mitra, P., Zhang, X., BlanfordL, J.: SensePlace2: GeoTwitter analytics support for situational awareness. In: IEEE Conference on Visual Analytics Science and Technology (VAST), pp. 181–190. 23–28 Oct 2011, IEEE (2011) Maceachren, A.M., Jaiswal, A., Robinson, A.C., Pezanowski, S., Savelyev, A., Mitra, P., Zhang, X., BlanfordL, J.: SensePlace2: GeoTwitter analytics support for situational awareness. In: IEEE Conference on Visual Analytics Science and Technology (VAST), pp. 181–190. 23–28 Oct 2011, IEEE (2011)
9.
Zurück zum Zitat Lacey, D.: Managing the Human Factor in Information Security: How to win over staff and influence business managers. Wiley, New York (2011) Lacey, D.: Managing the Human Factor in Information Security: How to win over staff and influence business managers. Wiley, New York (2011)
Metadaten
Titel
Human Factors of Social Engineering Attacks (SEAs) in Hybrid Cloud Environment: Threats and Risks
verfasst von
Reza Alavi
Shareeful Islam
Haris Mouratidis
Copyright-Jahr
2015
DOI
https://doi.org/10.1007/978-3-319-23276-8_5