SECURITY RISK EVALUATION OF CLOUD SERVICES

Cloud service providers offer their clients with different levels of security risk. Users want to minimize this risk for certain costs or investments. Cloud services consist of levels that correspond to the hierarchy of the cloud, namely, the level of software, level of platform level and level of infrastructure. Currently, cloud providers provide package services that include software, platform, and infrastructure elements. Cloud technologies serve as an alternative to the traditional model of local use of hardware and software. On a company-wide scale, cloud-based technologies will allow the abandonment of its own hardware-software infrastructure, replacing it with the connection to the corresponding network service - the cloud. Thus, the paradigm of cloud computing can affect the alignment of forces on the market, both software and hardware. The purpose of the article is to develop theoretical and methodological approaches to the definition of the essence and features of assessing the security risks of cloud services, to identify the main components of risk at each level of the cloud, and to develop a scheme for calculating the consolidated security indicator for cloud services. The proposed risk assessment model is aimed at potential customers who want to compare the risks of cloud service packages offered by different cloud providers. The article defines the main risk factors at each level of the cloud, their types and methods of calculation, and proposes a scheme for estimating the overall consolidated cloud service safety indicator. The proposed model provides an opportunity to analyze the risks arising from the implementation of a specific cloud service or migration to the cloud of the entire IT infrastructure of the enterprise and, based on the data obtained, determine the importance of its creation or lease.