Publication: Information Security Risk Assessment Framework for Cloud Computing Environment Using Medical Research Design and Method
No Thumbnail Available
Date
2018
Journal Title
Journal ISSN
Volume Title
Publisher
Amer Scientific Publishers
Abstract
The traditional risk assessment methods calculate the risk based on the risk likelihood and the risk impact, which are not suitable to be applied in cloud computing environments. Therefore, this study proposes a framework to assess information security risk by using international risk management standard with adoptions of a medical research design and method. The risk management standard is based on BS. ISO/IEC27005: 2011, which consists of context establishment, risk identification, risk analysis, risk evaluation, risk treatment, monitoring and review, and communication and consultation. Adopting a retrospective cohort study and a method known as Cox Proportional Hazards (PH) Model under survival analysis method will be applied to identify potential information security threats in cloud computing environments. The survival analysis method is used to identify which factors have significant impact and predict the hazard probabilities for selected risk factors in medical field. The proposed framework will be used software as a service model of cloud computing. Therefore, the contribution of this research will be a framework for performing risk analysis studies to identify information security threats in cloud computing environment using medical research design and method.
Description
Keywords
Information Security Threats, Information Security Risk Management Process, Medical Research Design and Method, Cloud Computing, Risk Analysis Methods