, Amazon Web Services, 2018.
, , 2018.
, , 2018.
Threat modeling for cloud data center infrastructures, Foundations and Practice of Security-9th International Symposium, FPS 2016, pp.302-319, 2016. ,
A knowledge-base model for insider threat prediction, IEEE SMC Information Assurance and Security Workshop, pp.239-246, 2007. ,
Cisco cloud computing-data center strategy, architecture, and solutions, 2009. ,
We have met the enemy and he is us, Proceedings of the 2008 New Security Paradigms Workshop, NSPW '08, pp.1-12, 2008. ,
Secure cloud maintenance: Protecting workloads against insider attacks, Proceedings of the 7th ACM Symposium on Information, vol.12, pp.83-84, 2012. ,
Diversifying network services under cost constraints for better resilience against unknown attacks, Data and Applications Security and Privacy XXX-30th Annual IFIP WG 11.3 Conference, pp.295-312, 2016. ,
URL : https://hal.archives-ouvertes.fr/hal-01633677
Towards a theory of insider threat assessment, 2005 International Conference on Dependable Systems and Networks (DSN'05), pp.108-117, 2005. ,
Insider threats to cloud computing: Directions for new research challenges, 2012 IEEE 36th Annual Computer Software and Applications Conference, pp.387-394, 2012. ,
, Security guidance for critical areas of focus in cloud computing v 3.0, 2011.
, Top threats to cloud computing, 2018.
A survey of risks, threats and vulnerabilities in cloud computing, Proceedings of the 2011 International Conference on Intelligent Semantic Web-Services and Applications, ISWSA '11, vol.12, pp.1-12, 2011. ,
Attack surfaces: A taxonomy for attacks on cloud services, 2010 IEEE 3rd international conference on cloud computing, pp.276-279, 2010. ,
Matching information security vulnerabilities to organizational security profiles: a genetic algorithm approach. Decision Support Systems, vol.41, pp.592-603, 2006. ,
VMware VSphere In The Enterprise ,
Information technology-Security techniques-Code of practice for information security controls based on ISO/IEC 27002 for cloud services, 2012. ,
Mycloud: Supporting user-configured privacy protection in cloud computing, Proceedings of the 29th Annual Computer Security Applications Conference, ACSAC '13, pp.59-68, 2013. ,
A security metrics framework for the cloud, Security and Cryptography (SECRYPT), 2011 Proceedings of the International Conference on, pp.245-250, 2011. ,
A security metrics framework for the cloud, Security and Cryptography (SECRYPT), 2011 Proceedings of the International Conference on, pp.245-250, 2011. ,
Insider abuse comprehension through capability acquisition graphs, 11th International Conference on Information Fusion, pp.1-8, 2008. ,
,
, Proceedings, chapter Using Attack Trees to Identify Malicious Attacks from Authorized Insiders, pp.231-246, 2005.
On optimal employee assignment in constrained role-based access control systems, ACM Trans. Manage. Inf. Syst, vol.7, issue.4, 2016. ,
Role-based access control models, Computer, vol.29, issue.2, pp.38-47, 1996. ,
Quirc: A quantitative impact and risk assessment framework for cloud security, 2010 IEEE 3rd International Conference on Cloud Computing, pp.280-288, 2010. ,
Insider attack identification and prevention using a declarative approach, IEEE Security and Privacy Workshops, pp.265-276, 2014. ,
Security threats in cloud computing, Internet Technology and Secured Transactions (ICITST), 2011 International Conference for, pp.214-219, 2011. ,
Automated generation and analysis of attack graphs, Proceedings. 2002 IEEE Symposium on, pp.273-284, 2002. ,
Hardening openstack cloud platforms against compute node compromises, Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, ASIA CCS '16, pp.341-352, 2016. ,
k-zero day safety: A network security metric for measuring the risk of unknown vulnerabilities, IEEE Transactions on Dependable and Secure Computing, vol.11, issue.1, pp.30-44, 2014. ,