International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed
ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)
Webpage URL: https://airccse.org/journal/ijnsa.html
Design and Implementation of the Advanced Cloud Privacy Threat Modeling
Ali Gholami1, Anna-Sara Lind2, Jane Reichel2, Jan-Eric Litton3, Ake Edlund1, Erwin Laure1, 1KTH Royal Institute of Technology, Sweden, 2Uppsala University, Sweden and 3Karolinska Institutet, Sweden
Abstract
Privacy-preservation for sensitive data has become a challenging issue in cloud computing. Threat modeling as a part of requirements engineering in secure software development provides a structured approach for identifying attacks and proposing countermeasures against the exploitation of vulnerabilities in a system. This paper describes an extension of Cloud Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in relation to processing sensitive data in cloud computing environments. It describes the modeling methodology that involved applying Method Engineering to specify characteristics of a cloud privacy threat modeling methodology, different steps in the proposed methodology and corresponding products. In addition, a case study has been implemented as a proof of concept to demonstrate the usability of the proposed methodology. We believe that the extended methodology facilitates the application of a privacy-preserving cloud software development approach from requirements engineering to design.
Keywords
Threat Modeling, Privacy, Method Engineering, Cloud Software Development
Original Source URL: https://aircconline.com/ijnsa/V8N2/8216ijnsa07.pdf
Volume URL: https://airccse.org/journal/jnsa16_current.html
No comments:
Post a Comment