To search, Click below search items.


All Published Papers Search Service


Agent Based Information Security Threat Management Framework for Hybrid Cloud Computing


Muhammad Imran Tariq, Shahzadi Tayyaba, Muhammad Usman Hashmi, Muhammad Waseem Ashraf, Natash Ali Mian


Vol. 17  No. 12  pp. 57-66


Cloud computing is an effective, fast growing, and low cost way for today's businesses organizations to provide professional and IT services over the Internet. Cloud computing has variety of service and deployment models providing both solid support to organizations to secure their business interests and flexibility to deliver new services. Security threats are associated with each service and deployment model, vary and depend on wide range of factors including the sensitivity of information, resources and architectures. Over time, business and cloud organizations tend to tight their security posture. For effective threat management, cloud service provider must perform threat assessments on regular basis. Threat Agent is an individual or group that exploit vulnerabilities, manifest a threat and conduct damaging activities. An alerting position arises when threat agent breach security and leaks confidential and sensitive information of organization. To cater this situation, we have proposed Agent Based Information Security Threat Management Framework that ensures threat mitigation in Cloud environment. The core objectives of this article is to present Agent based information security threat management framework for better understanding from threat identifying process to apply countermeasures. We also introduced software and intelligent agent concepts that gather appropriate, relevant, variety of information relates to Information Security to use in proposed framework and to develop system that facilitates organization to define, update, propose, validate and apply measure against each threat agents. The proposed framework validated using fuzzy logic inference system and simulated and tested through MATLAB®. The proposed framework covers all cloud services and deployment models. Cloud organizations can apply this framework to their organizations to mitigate threats.


Information security Framework, Cloud computing, Fuzzy logic, Threat management, Risk management, Self-Adaptive Systems