Amal Benfateh, F. Gharnati, T. Agouti



End-user based model for risk quantification in Cloud Computing Environment

pdf PDF


Cloud computing is the result of the evolution and the adoption of new technologies and paradigms. Because of its accessibility via internet, that makes it subject to a large variety of attacks. In present paper, we talk about risk quantification by focusing on a Cloud user as the main actor who affects closely on system security by taking into account more parameters based on his conducts within the system as well the state of the assets treated within business processes.


Cloud computing; risk quantification; assessment; security system; threat; user stakeholders


[1] CSI/FBI (2007, 12, 03). The 12th Annual Computer Crime and Security Survey.

[2] OWASP: the open web application security project, “the ten most critical web application security risks. 2013

[3] A. Mukhopadhyay, S. Chatterjee, D. Saha, A. Mahanti & S.K. Sadhukhan. (2006, 01, 07). e-Risk Management with Insurance : A framework using Copula aided Bayesian Belief Networks, Proceedings of the 39th Hawaii International Conference on System Sciences.

[4] F. Foroughi, « Information Security Risk Assessment by Using Bayesian Learning Technique”, Proceedings of the World Congress on Engineering 2008 Vol I WCE 2008, July 2 - 4, 2008, London, U.K.

[5] E. Loukis, D. Spinellis, “Information Systems Security in the Greek Public Sector”. Information Management and Computer Security 9(1), pp. 21–31, 2001.

[6] M. Myerson, “Risk Management Processes for Software Engineering Models”. Boston: Artech House, 1997.

[7] D. Spinellis, S. Kokolakis, S. Gritzalis, “Security requirements, risks and recommendations for small enterprise and home office environments”. Information Management & Computer Security 7(3), pp. 121-128, 1999.

[8] T. Tsiakis, “Information Security Expenditures: a Techno- Economic Analysis”, IJCSNS International Journal of Computer Science and Network Security, VOL.10 No.4, April 2010

[9] W. Böhmer, “Evaluation of the Quality of an Information Security Management System (ISMS) or how secure is secure?”. Guest lecture at the Gjovik University College, 2006.

[10] B. Berger. (2003, 08, 20). Data-Centric Quantitative Computer Security Risk Assessment,

[Online]. Available: http://www.sans.org/reading_room/whitepapers/auditin g/1209.php.

[11] L.B.A. Rabai , M. Jouini, A. Ben Aissa, A. Mili, « A cybersecurity model in cloud computing environments”, Journal of King Saud University – Computer and Information Sciences (2013) 25, 63–75

[12] A. Ben Aissa, R.K. Abercrombie, F.T. Sheldon, A. Mili, “Quantifying security threats and their potential impacts: a case study”. Innovation in Systems and Software Engineering: A NASA Journal 6, 269–281.2010

[13] ISO/IEC 13335-1:2004 Information technology -- Security techniques -- Management of information and communications technology security -- Part 1: Concepts and models for information and communications technology security management.

Cite this paper

Amal Benfateh, F. Gharnati, T. Agouti. (2017) End-user based model for risk quantification in Cloud Computing Environment. International Journal of Computers, 2, 229-232


Copyright © 2017 Author(s) retain the copyright of this article.
This article is published under the terms of the Creative Commons Attribution License 4.0