Cloud-COVER:: Using User Security Attribute Preferences and Propagation Analysis to Prioritise Threats to Systems

Muhammed Mustafa Aydin; Jeremy Lawrence Jacob

doi:10.1109/EISIC.2015.11

Cloud-COVER: Using User Security Attribute Preferences and Propagation Analysis to Prioritise Threats to Systems

Muhammed Mustafa Aydin, Jeremy Lawrence Jacob

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

We present Cloud-COVER (Controls and Orderings for Vulnerabilities and ExposuRes), a cloud security threat modelling tool. Cloud-COVER takes input from a user about their deployment, requiring information about the data, instances, connections, their properties, and the importance of various security attributes. This input is used to analyse the relevant threats, and the way they propagate through the system. They are then presented to the user, ordered according to the security attributes they have prioritised, along with the best countermeasures to secure against the dangers listed.

Original language	English
Title of host publication	Intelligence and Security Informatics Conference (EISIC), 2015 European Workshop
Editors	Mohammad Hammoudeh, Liangxiu Han
Publisher	IEEE
Pages	53-60
Number of pages	8
ISBN (Print)	978-1-4799-8651-4
DOIs	https://doi.org/10.1109/EISIC.2015.11
Publication status	Published - 7 Sept 2015

Access to Document

10.1109/EISIC.2015.11

Cite this

@inproceedings{c94221e4bf314845a8917713cc6a7b40,

title = "Cloud-COVER:: Using User Security Attribute Preferences and Propagation Analysis to Prioritise Threats to Systems",

abstract = "We present Cloud-COVER (Controls and Orderings for Vulnerabilities and ExposuRes), a cloud security threat modelling tool. Cloud-COVER takes input from a user about their deployment, requiring information about the data, instances, connections, their properties, and the importance of various security attributes. This input is used to analyse the relevant threats, and the way they propagate through the system. They are then presented to the user, ordered according to the security attributes they have prioritised, along with the best countermeasures to secure against the dangers listed.",

author = "Aydin, {Muhammed Mustafa} and Jacob, {Jeremy Lawrence}",

year = "2015",

month = sep,

day = "7",

doi = "10.1109/EISIC.2015.11",

language = "English",

isbn = "978-1-4799-8651-4",

pages = "53--60",

editor = "Mohammad Hammoudeh and Liangxiu Han",

booktitle = "Intelligence and Security Informatics Conference (EISIC), 2015 European Workshop",

publisher = "IEEE",

address = "United States",

}

Cloud-COVER: Using User Security Attribute Preferences and Propagation Analysis to Prioritise Threats to Systems. / Aydin, Muhammed Mustafa; Jacob, Jeremy Lawrence.
Intelligence and Security Informatics Conference (EISIC), 2015 European Workshop. ed. / Mohammad Hammoudeh; Liangxiu Han. IEEE, 2015. p. 53-60.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Cloud-COVER:

T2 - Using User Security Attribute Preferences and Propagation Analysis to Prioritise Threats to Systems

AU - Aydin, Muhammed Mustafa

AU - Jacob, Jeremy Lawrence

PY - 2015/9/7

Y1 - 2015/9/7

N2 - We present Cloud-COVER (Controls and Orderings for Vulnerabilities and ExposuRes), a cloud security threat modelling tool. Cloud-COVER takes input from a user about their deployment, requiring information about the data, instances, connections, their properties, and the importance of various security attributes. This input is used to analyse the relevant threats, and the way they propagate through the system. They are then presented to the user, ordered according to the security attributes they have prioritised, along with the best countermeasures to secure against the dangers listed.

AB - We present Cloud-COVER (Controls and Orderings for Vulnerabilities and ExposuRes), a cloud security threat modelling tool. Cloud-COVER takes input from a user about their deployment, requiring information about the data, instances, connections, their properties, and the importance of various security attributes. This input is used to analyse the relevant threats, and the way they propagate through the system. They are then presented to the user, ordered according to the security attributes they have prioritised, along with the best countermeasures to secure against the dangers listed.

U2 - 10.1109/EISIC.2015.11

DO - 10.1109/EISIC.2015.11

M3 - Conference contribution

SN - 978-1-4799-8651-4

SP - 53

EP - 60

BT - Intelligence and Security Informatics Conference (EISIC), 2015 European Workshop

A2 - Hammoudeh, Mohammad

A2 - Han, Liangxiu

PB - IEEE

ER -