Design of Quantifiable Real-Life Security Matrix for Cloud Computing.

Cloud security has been evolved as a significant research area under the arena of information security that consists of network security and data security, and the area is not restricted to researchers only but also for the sake of cloud providers and users as well because of its tremendous potentiality towards flexible storage capacity, power of virtualization, multi-tenant features and highly commercial viability among the service industries, academia and others. However, the technology of concern, though possess lots of advantages, is all but free from some serious drawbacks relating to privacy and security issues, which are equally important for its wide acceptability in the real-life situations. Due to some popular as well as comparatively uncommon attack vectors, the security of cloud service has arose a big question in the success of the technology, resulting the need to measure properly to ensure the loss caused and also for adapting the appropriate countermeasures for those attacks.. A good number of attack vectors and threats have been identified responsible for the decline of the widespread of the cloud computing in the IT and ITes industries and a major thrust research area has been evolved in the current decade, particularly, to device and formalize the appropriate security metrics for the measurement of the impact of the varied attack vectors. Threats are generally much easier to list than to describe, and much easier to describe than to measure. As a result, many organizations list threats, fewer describe them in useful terms and fewer measure them in meaningful ways. It has been observed that any system could be continuously monitored for several attack vectors and steps could be taken to control those attacks with appropriate measures. The domain of the problem is chosen in the cloud security area because of its novelty, importance, wide scope of research, applicability in the real-life industries and also the carry forward prospect in the relevant field for future research works. In the present paper, a novel concept of Security Matrix has been proposed whose foundation is based on a mathematical model for computational easiness and technically based on security metrics of different types of attack vectors. The intention of the proposed matrix is to measure the impact of different types of attack vectors mathematically by using proper metrics and convert the weakness into strength by properly identifying the different types of threats and measuring the impact of the threats with proper and justified metrics in a definite manner.