TY - JOUR
T1 - Information Security Risk Assessment Framework for Cloud Computing Environment Using Medical Research Design and Method
AU - Narayana Samy, Ganthan
AU - Shanmugam, Bharanidharan
AU - Maarop, Nurazean
AU - Magalingam, Pritheega
AU - Perumal, Sundresan
AU - Albakri, Sameer Hasan
AU - Ahmad, Rabiah
PY - 2018/1
Y1 - 2018/1
N2 - The traditional risk assessment methods calculate the risk based on the risk likelihood and the risk impact, which are not suitable to be applied in cloud computing environments. Therefore, this study proposes a framework to assess information security risk by using international risk management standard with adoptions of a medical research design and method. The risk management standard is based on BS.ISO/IEC27005:2011, which consists of context establishment, risk identification, risk analysis, risk evaluation, risk treatment, monitoring and review, and communication and consultation. Adopting a retrospective cohort study and a method known as Cox Proportional Hazards (PH) Model under survival analysis method will be applied to identify potential information security threats in cloud computing environments. The survival analysis method is used to identify which factors have significant impact and predict the hazard probabilities for selected risk factors in medical field. The proposed framework will be used software as a service model of cloud computing. Therefore, the contribution of this research will be a framework for performing risk analysis studies to identify information security threats in cloud computing environment using medical research design and method.
AB - The traditional risk assessment methods calculate the risk based on the risk likelihood and the risk impact, which are not suitable to be applied in cloud computing environments. Therefore, this study proposes a framework to assess information security risk by using international risk management standard with adoptions of a medical research design and method. The risk management standard is based on BS.ISO/IEC27005:2011, which consists of context establishment, risk identification, risk analysis, risk evaluation, risk treatment, monitoring and review, and communication and consultation. Adopting a retrospective cohort study and a method known as Cox Proportional Hazards (PH) Model under survival analysis method will be applied to identify potential information security threats in cloud computing environments. The survival analysis method is used to identify which factors have significant impact and predict the hazard probabilities for selected risk factors in medical field. The proposed framework will be used software as a service model of cloud computing. Therefore, the contribution of this research will be a framework for performing risk analysis studies to identify information security threats in cloud computing environment using medical research design and method.
KW - Cloud Computing
KW - Information Security Risk Management Process
KW - Information Security Threats
KW - Information Security Threats; Medical Research Design and Method
KW - Risk Analysis Methods
U2 - 10.1166/asl.2018.11804
DO - 10.1166/asl.2018.11804
M3 - Article
SN - 1936-6612
VL - 24
SP - 739
EP - 743
JO - Advanced Science Letters
JF - Advanced Science Letters
IS - 1
ER -