ارزیابی و رتبه‌بندی ریسک‌های امنیتی رایانش ابری بر اساس یک رویکرد ترکیبی مبتنی بر مقایسه‌های زوجی

نویسندگان

دانشگاه آزاد اسلامی؛ واحد سمنان؛ سمنان، ایران؛

چکیده

امروزه، با وجود مزایای بسیار فناوری رایانش ابری از جمله ایجاد صرفه‌جویی اقتصادی، چابکی، افزایش انعطاف‌پذیری و مقیاس‌پذیری، مسئله امنیت اطلاعات مانع اصلی گرایش سازمان‌ها به سمت رایانش ابری است. افزون بر مسائل مربوط به زیرساخت و عوامل سیاسی موجود در ایران، ریسک‌های امنیتی زیادی در فناوری رایانش ابری وجود دارد. هدف پژوهش حاضر، استخراج و رتبه‌بندی این ریسک‌های امنیتی است. در این راستا با مطالعه مبانی نظری مرتبط با موضوع پژوهش، این ریسک‌ها استخراج و با توجه به نظر خبرگان دسته‌بندی شد. پرسشنامه‌های مقایسه‌ها زوجی مختلف بر اساس عوامل استخراج‌شده طراحی و نظرات خبرگان جمع‌آوری شد. سپس، با تلفیق روش‌های مختلف وزن‌دهی بر پایه مقایسه‌ها زوجی و به‌ کمک روش ادغامی «کپ‌لند»، ریسک‌های امنیتی رتبه‌بندی گردید. بر اساس نتایج این رتبه‌بندی، ریسک محرمانگی داده، احراز هویت، و موقعیت داده به‌ترتیب در رتبه اول تا سوم قرار گرفتند و رتبه سایر ریسک‌ها نیز مشخص شد.

کلیدواژه‌ها

عنوان مقاله [English]

Assessing and Ranking Cloud Computing Security Risks Based On a Hybrid Approach Based On Pairwise Comparisons

نویسندگان [English]

  • Mehdi Soltanifar
  • Seyed Mohammad Zargar
چکیده [English]

Today, despite many benefits of cloud computing technology, including cost savings, agility, increased flexibility and scalability the issue of information security is the main obstacle to the tendency of organizations towards cloud computing. In addition to infrastructure issues and political factors in Iran, there are many security risks in cloud computing technology. Therefore, the purpose of this study is to extract and rank these security risks. In this regard, by studying the theoretical foundations related to the research topic, these factors are extracted and categorized according to the opinion of experts, and then by designing questionnaires of different pairwise comparisons, collecting comments and combining different weighting methods based on pairwise comparisons by Copeland aggregation method, security risks were ranked. In this ranking, data privacy risk was the first priority of cloud computing security risks.

کلیدواژه‌ها [English]

  • Security
  • cloud computing
  • multi attribute decision making
  • pairwise comparisons
  • Copeland Method

مراجع

  1. زرگر، سید محمد، و زهرا شهریاری. 1397. ارائۀ مدلی پویا برای پذیرش فناوری رایانش ابری با استفاده از روش دیماتل و رویکرد پویایی سیستم. فصلنامه علمی-پژوهشی مدیریت فناوری اطلاعات 10 (1): 93-116.
  2. زرگر، سید محمد، و زهرا شهریاری. 1397. ارائۀ مدلی پویا برای پذیرش فناوری رایانش ابری با استفاده از روش دیماتل و رویکرد پویایی سیستم. فصلنامه علمی-پژوهشی مدیریت فناوری اطلاعات 10 (1): 93-116.
  3. سلطان باغشاهی، سمیه، لیلا سلطان باغشاهی، احمد خادم‌زاده و سام جبهداری. 1391. تحلیل چالش‌های امنیتی و تأثیر آن بر رایانش ابری. اولین کارگاه ملی رایانش ابری ایران. تهران.
  4. سلطان باغشاهی، سمیه، لیلا سلطان باغشاهی، احمد خادمزاده و سام جبهداری. 1391. تحلیل چالش‌های امنیتی و تأثیر آن بر رایانش ابری. اولین کارگاه ملی رایانش ابری ایران. تهران.
  5. سلیمی، زهرا. 1398. بررسی و مقایسۀ معمارهای امنیتی رایانش ابری در راستای ارائۀ راه‌کارهایی جهت توسعه سازمان‌های امنیتی. پژوهش‌های معاصر در علوم و تحقیقات 1 (8): 18-32.
  6. سلیمی، زهرا. 1398. بررسی و مقایسۀ معمارهای امنیتی رایانش ابری در راستای ارائۀ راه‌کارهایی جهت توسعه سازمان‌های امنیتی. پژوهش‌های معاصر در علوم و تحقیقات 1 (8): 18-32.
  7. صدرالساداتی، سید محسن، و محمدجواد کارگر. 1392. چالش‌های امنیتی در رایانش ابری و ارائۀ راه‌کاری جهت بهبود امنیت آن در راستای توسعه خدمات عمومی دولت الکترونیک. هشتمین همایش بین‌المللی پیشرفت علم و فناوری، مشهد، ایران.
  8. صدرالساداتی، سید محسن، و محمدجواد کارگر. 1392. چالش‌های امنیتی در رایانش ابری و ارائۀ راه‌کاری جهت بهبود امنیت آن در راستای توسعه خدمات عمومی دولت الکترونیک. هشتمین همایش بین‌المللی پیشرفت علم و فناوری، مشهد، ایران.
  9. لطفی مرزناکی، مونا، شادی حاجی‌باقری، و محبوبه محمدکاظم. 1391. بررسی خطرها، تهدیدها و آسیب‌پذیری‌ها در محاسبات ابری. اولین کنفرانس دانشجویی پیشرفت‌های نوین مهندسی دانشگاه شریف. ایران.
  10. لطفی مرزناکی، مونا، شادی حاجی‌باقری، و محبوبه محمدکاظم. 1391. بررسی خطرها، تهدیدها و آسیب‌پذیری‌ها در محاسبات ابری. اولین کنفرانس دانشجویی پیشرفت‌های نوین مهندسی دانشگاه شریف. ایران.
  11. مؤمنی، منصور. 1395. مباحث نوین تحقیق در عملیات. تهران: مؤلف.
  12. مؤمنی، منصور. 1395. مباحث نوین تحقیق در عملیات. تهران: مؤلف.
  13. نقیان فشارکی، مهدی، سید غلامحسن طباطبایی، و مصطفی تمتاجی. 1393. ارائه معماری مرجع امنیتی محیط رایانش ابر خصوصی سازمان. فصلنامه علمی پژوهشی امنیت‌پژوهی 13 (47): 91-113.
  14. نقیان فشارکی، مهدی، سید غلامحسن طباطبایی، و مصطفی تمتاجی. 1393. ارائه معماری مرجع امنیتی محیط رایانش ابر خصوصی سازمان. فصلنامه علمی پژوهشی امنیت‌پژوهی 13 (47): 91-113.
  15. ولوی، محمدرضا، محمدرضا موحدی‌صفت، و ایمان باقری کوشالشاه. 1396. ارائۀ الگوی راهبردی مهاجرت سازمان‌های دفاعی به محیط رایانش ابری. فصلنامه مدیریت نظامی 17 (65): 106-130.
  16. ولوی، محمدرضا، محمدرضا موحدی‌صفت، و ایمان باقری کوشالشاه. 1396. ارائۀ الگوی راهبردی مهاجرت سازمان‌های دفاعی به محیط رایانش ابری. فصلنامه مدیریت نظامی 17 (65): 106-130.
  17. یعقوبی نورمحمد، حمیدرضا جعفری، و جواد شکوهی. 1394. شناسایی و رتبه‌بندی عوامل ریسک رایانش ابری در سازمان‌های دولتی. پژوهشنامه پردازش و مدیریت اطلاعات ۳۰ (۳) :۷۵۹-۷۸۴.
  18. یعقوبی نورمحمد، حمیدرضا جعفری، و جواد شکوهی. 1394. شناسایی و رتبه‌بندی عوامل ریسک رایانش ابری در سازمان‌های دولتی. پژوهشنامه پردازش و مدیریت اطلاعات ۳۰ (۳) :۷۵۹-۷۸۴.
  19. Abbas, H., O. Maennel, and S. Assar. 2017. Security and privacy issues in cloud computing. Annals of Telecommunications 72 (5-6): 233-235. [DOI:10.1007/s12243-017-0578-3]
  20. Abbas, H., O. Maennel, and S. Assar. 2017. Security and privacy issues in cloud computing. Annals of Telecommunications 72 (5-6): 233-235. [DOI:10.1007/s12243-017-0578-3]
  21. Abdlrazaq, A., and A. Varol. 2021. Cloud Computing's Impact on Enterprises. In Term of Security and Cost. International Journal of Security 12 (1): 1-14.
  22. Abdlrazaq, A., and A. Varol. 2021. Cloud Computing's Impact on Enterprises. In Term of Security and Cost. International Journal of Security 12 (1): 1-14.
  23. Alcaraz Calero, J. M., N. Edwards, J. Kirschnick, L. Wilcock, and M. Wray. 2010. Toward a multi-tenancy authorization system for cloud services. IEEE Security & Privacy 8 (6): 48-55. [DOI:10.1109/MSP.2010.194]
  24. Alcaraz Calero, J. M., N. Edwards, J. Kirschnick, L. Wilcock, and M. Wray. 2010. Toward a multi-tenancy authorization system for cloud services. IEEE Security & Privacy 8 (6): 48-55. [DOI:10.1109/MSP.2010.194]
  25. Ali, O., A. Shrestha, A. Chatfield, and P. Murray. 2020. Assessing information security risks in the cloud: A case study of Australian local government authorities. Government Information Quarterly 37 (1): 1-20. [DOI:10.1016/j.giq.2019.101419]
  26. Ali, O., A. Shrestha, A. Chatfield, and P. Murray. 2020. Assessing information security risks in the cloud: A case study of Australian local government authorities. Government Information Quarterly 37 (1): 1-20. [DOI:10.1016/j.giq.2019.101419]
  27. AlMendah, O., and S. Alzahrani. 2021. Cloud and edge computing security challenges, demands, known threats, and vulnerabilities. Academic Journal of Research and Scientific Publishing 2 (21): 156-175.
  28. AlMendah, O., and S. Alzahrani. 2021. Cloud and edge computing security challenges, demands, known threats, and vulnerabilities. Academic Journal of Research and Scientific Publishing 2 (21): 156-175.
  29. Almorsy, M., J. Grundy, and I. Muller. 2016. An analysis of the cloud computing security problem. In Proceedings ofthe APSEC 2010 Cloud Workshop, Sydney, Australia, 30 November 2010; pp. 1-6.
  30. Almorsy, M., J. Grundy, and I. Muller. 2016. An analysis of the cloud computing security problem. In Proceedings ofthe APSEC 2010 Cloud Workshop, Sydney, Australia, 30 November 2010; pp. 1-6.
  31. Amini, M., N. Safavi, R. Mirzaeyan Bahnamiri, M. Mirzaei Omran, and M. Amini. 2014. Development of an Instrument for Assessing the Impact of Environmental Context on Adoption of Cloud Computing for Small and Medium Enterprises. Australian Journal of Basic and Applied Sciences 8 (10): 129-135.
  32. Amini, M., N. Safavi, R. Mirzaeyan Bahnamiri, M. Mirzaei Omran, and M. Amini. 2014. Development of an Instrument for Assessing the Impact of Environmental Context on Adoption of Cloud Computing for Small and Medium Enterprises. Australian Journal of Basic and Applied Sciences 8 (10): 129-135.
  33. Aviˇzienis, A., J. Laprie, B. Randell, and C. Landwehr. 2004. Basic concepts and taxonomy of dependable and secure computing, IEEE Transactions on Dependable and Secure Computing 1 (1): 11-33. [DOI:10.1109/TDSC.2004.2]
  34. Aviˇzienis, A., J. Laprie, B. Randell, and C. Landwehr. 2004. Basic concepts and taxonomy of dependable and secure computing, IEEE Transactions on Dependable and Secure Computing 1 (1): 11-33. [DOI:10.1109/TDSC.2004.2]
  35. Avram, M. G. 2014. Advantages and challenges of adopting cloud computing from an enterprise perspective. Procedia Technology 12: 529-534. [DOI:10.1016/j.protcy.2013.12.525]
  36. Avram, M. G. 2014. Advantages and challenges of adopting cloud computing from an enterprise perspective. Procedia Technology 12: 529-534. [DOI:10.1016/j.protcy.2013.12.525]
  37. Badri Ahmadi, H., S. Kusi-Sarpong, and J. Rezaei. 2020. Assessing the social sustainability of supply chains using Best Worst Method, Resources. Conservation & Recycling 126: 99-106. [DOI:10.1016/j.resconrec.2017.07.020]
  38. Badri Ahmadi, H., S. Kusi-Sarpong, and J. Rezaei. 2020. Assessing the social sustainability of supply chains using Best Worst Method, Resources. Conservation & Recycling 126: 99-106. [DOI:10.1016/j.resconrec.2017.07.020]
  39. Bana e Costa, C. A. and J. C. Vansnick. 1994. MACBETH- an interactive path towards the construction of cardinal value functions, International Transactions in Operational Research 1: 489-500. [DOI:10.1111/j.1475-3995.1994.00325.x]
  40. Bana e Costa, C. A. and J. C. Vansnick. 1994. MACBETH- an interactive path towards the construction of cardinal value functions, International Transactions in Operational Research 1: 489-500. [DOI:10.1111/j.1475-3995.1994.00325.x]
  41. _____. 1999. The MACBETH Approach: Basic ideas, software, and an application. In: meskens n., roubens m. (eds) advances in decision analysis. Mathematical Modelling: Theory and Applications vol 4. Springer, Dordrecht. https://doi.org/10.1007/978-94-017-0647-6_9 [DOI:10.1007/978-94-017-0647-6_9.]
  42. _____. 1999. The MACBETH Approach: Basic ideas, software, and an application. In: meskens n., roubens m. (eds) advances in decision analysis. Mathematical Modelling: Theory and Applications vol 4. Springer, Dordrecht. https://doi.org/10.1007/978-94-017-0647-6_9 [DOI:10.1007/978-94-017-0647-6_9.]
  43. Behrend, T. S., E. N. Wiebe, J. E. London, and E. C. Johnson. 2011. Cloud computing adoption and usage in community colleges. Behavior & Information Technology 30 (2): 231-240. [DOI:10.1080/0144929X.2010.489118]
  44. Behrend, T. S., E. N. Wiebe, J. E. London, and E. C. Johnson. 2011. Cloud computing adoption and usage in community colleges. Behavior & Information Technology 30 (2): 231-240. [DOI:10.1080/0144929X.2010.489118]
  45. Biedermann S., and S. Katzenbeisser. 2013. POSTER: event-based isolation of critical data in the cloud, in Proceedings of the ACM SIGSAC Conference on Computer & Communications Security, pp. 1383-1386. Berlin, Germany. [DOI:10.1145/2508859.2512506]
  46. Biedermann S., and S. Katzenbeisser. 2013. POSTER: event-based isolation of critical data in the cloud, in Proceedings of the ACM SIGSAC Conference on Computer & Communications Security, pp. 1383-1386. Berlin, Germany. [DOI:10.1145/2508859.2512506]
  47. Brender, N., and I. Markov. 2013. Risk Perception And Risk Management In Cloud Computing: results from a case study of Swiss companies. International journal of information management 33 (5): 726-733. [DOI:10.1016/j.ijinfomgt.2013.05.004]
  48. Brender, N., and I. Markov. 2013. Risk Perception And Risk Management In Cloud Computing: results from a case study of Swiss companies. International journal of information management 33 (5): 726-733. [DOI:10.1016/j.ijinfomgt.2013.05.004]
  49. Catteddu D. 2010. Cloud computing: benefits, risks and recommendations for information security, In Web Application Security, Ed. Berlin: Springer. [DOI:10.1007/978-3-642-16120-9_9]
  50. Catteddu D. 2010. Cloud computing: benefits, risks and recommendations for information security, In Web Application Security, Ed. Berlin: Springer. [DOI:10.1007/978-3-642-16120-9_9]
  51. Chang, V., Y. Kuo, and M. Ramachandran. 2016. Cloud computing adoption framework: A security framework for business clouds. Future Generation Computer Systems 57: 24-41. [DOI:10.1016/j.future.2015.09.031]
  52. Chang, V., Y. Kuo, and M. Ramachandran. 2016. Cloud computing adoption framework: A security framework for business clouds. Future Generation Computer Systems 57: 24-41. [DOI:10.1016/j.future.2015.09.031]
  53. Cook, W. D., and M. Kress. 1990. A data envelopment model for aggregating preference rankings. Management Science 36 (11): 1302-1310. [DOI:10.1287/mnsc.36.11.1302]
  54. Cook, W. D., and M. Kress. 1990. A data envelopment model for aggregating preference rankings. Management Science 36 (11): 1302-1310. [DOI:10.1287/mnsc.36.11.1302]
  55. Delice, E. K., and G. F. Can. 2020. A new approach for ergonomic risk assessment integrating KEMIRA, best-worst and MCDM methods, Soft Computing, https://doi.org/10.1007/s00500-020-05143-9 [DOI:10.1007/s00500-020-05143-9.]
  56. Delice, E. K., and G. F. Can. 2020. A new approach for ergonomic risk assessment integrating KEMIRA, best-worst and MCDM methods, Soft Computing, https://doi.org/10.1007/s00500-020-05143-9 [DOI:10.1007/s00500-020-05143-9.]
  57. Doherty, E., M. Carcary, and G. Conwa. 2012. Risk management considerations in cloud computing adoption. Innovation Value Institute, Executive Briefing, Retrieved From: Eprints. Nuim. http://mural.maynoothuniversity.ie/4302/1/GC_Cloud_Computiong_Adoption.pdf , (accessed Dec. 16, 2020).
  58. Doherty, E., M. Carcary, and G. Conwa. 2012. Risk management considerations in cloud computing adoption. Innovation Value Institute, Executive Briefing, Retrieved From: Eprints. Nuim. http://mural.maynoothuniversity.ie/4302/1/GC_Cloud_Computiong_Adoption.pdf , (accessed Dec. 16, 2020).
  59. Gartner Inc Gartner identifies the Top 10 strategic technologies. 2011. Online. Available: http://www.gartner.com/it/page.jsp?id=1454221. (accessed July 15, 2020)
  60. Gartner Inc Gartner identifies the Top 10 strategic technologies. 2011. Online. Available: http://www.gartner.com/it/page.jsp?id=1454221. (accessed July 15, 2020)
  61. Gellman, R. 2009. Privacy in the clouds: Risks to privacy and confidentiality from cloud computing, The World Privacy Forum,. http://www.worldprivacyforum.org/pdf/WPF_Cloud_Privacy_Re port.pdf (accessed Dec. 16, 2020)
  62. Gellman, R. 2009. Privacy in the clouds: Risks to privacy and confidentiality from cloud computing, The World Privacy Forum,. http://www.worldprivacyforum.org/pdf/WPF_Cloud_Privacy_Re port.pdf (accessed Dec. 16, 2020)
  63. Gholami, A., and E. Laure. 2015. Security and Privacy of Sensitive Data in cloud computing: a survey of recent developments. Computer Science & Information Technology. 131-150. DOI: 10.5121/csit.2015.51611 [DOI:10.5121/csit.2015.51611]
  64. Gholami, A., and E. Laure. 2015. Security and Privacy of Sensitive Data in cloud computing: a survey of recent developments. Computer Science & Information Technology. 131-150. DOI: 10.5121/csit.2015.51611 [DOI:10.5121/csit.2015.51611]
  65. Godfrey, M., and M. Zulkernine. 2014. Preventing Cache-Based Side-Channel Attacks in a Cloud Environment. IEEE Transactions on Cloud Computing 2 (4): 395-408. [DOI:10.1109/TCC.2014.2358236]
  66. Godfrey, M., and M. Zulkernine. 2014. Preventing Cache-Based Side-Channel Attacks in a Cloud Environment. IEEE Transactions on Cloud Computing 2 (4): 395-408. [DOI:10.1109/TCC.2014.2358236]
  67. Gonzalez, N., M. Charles, R. Fernando, S. Marcos, C. Tereza, M. Näslund, M. Pourzandi. 2012. A quantitative analysis of current security concerns and solutions for cloud computing. Journal of Cloud Computing 1 (1): 1-18. [DOI:10.1186/2192-113X-1-11]
  68. Gonzalez, N., M. Charles, R. Fernando, S. Marcos, C. Tereza, M. Näslund, M. Pourzandi. 2012. A quantitative analysis of current security concerns and solutions for cloud computing. Journal of Cloud Computing 1 (1): 1-18. [DOI:10.1186/2192-113X-1-11]
  69. Green, R. H., J. R. Doyle, and W. D. Cook. 1996. Preference voting and project ranking using DEA and cross-evaluation. European Journal of Operational Research 90: 461-472. [DOI:10.1016/0377-2217(95)00039-9]
  70. Green, R. H., J. R. Doyle, and W. D. Cook. 1996. Preference voting and project ranking using DEA and cross-evaluation. European Journal of Operational Research 90: 461-472. [DOI:10.1016/0377-2217(95)00039-9]
  71. Grobauer, B., V. Walloschek, and E. Stocker. 2011. Understanding Cloud Computing Vulnerabilities. IEEE Security & Privacy 9 (2): 50-57. [DOI:10.1109/MSP.2010.115]
  72. Grobauer, B., V. Walloschek, and E. Stocker. 2011. Understanding Cloud Computing Vulnerabilities. IEEE Security & Privacy 9 (2): 50-57. [DOI:10.1109/MSP.2010.115]
  73. Hadi-Vencheh, A., and M. Niazi-Motlagh. 2011. An improved voting analytic hierarchy process-data envelopment analysis methodology for suppliers selection, International Journal of Computer Integrated Manufacturing 24 (3): 189-197. [DOI:10.1080/0951192X.2011.552528]
  74. Hadi-Vencheh, A., and M. Niazi-Motlagh. 2011. An improved voting analytic hierarchy process-data envelopment analysis methodology for suppliers selection, International Journal of Computer Integrated Manufacturing 24 (3): 189-197. [DOI:10.1080/0951192X.2011.552528]
  75. Hashizume, K., D. Rosado, E. B. Fernández-Medina, and E. Fernandez. 2013. An analysis of security issues for cloud computing. Journal of Internet Services and Applications 4 (5): 2-13. [DOI:10.1186/1869-0238-4-5]
  76. Hashizume, K., D. Rosado, E. B. Fernández-Medina, and E. Fernandez. 2013. An analysis of security issues for cloud computing. Journal of Internet Services and Applications 4 (5): 2-13. [DOI:10.1186/1869-0238-4-5]
  77. He, H., R. Li, X. Dong, and Zh. Zhang. 2014. Secure, Efficient and Fine-Grained Data Access Control Mechanism for P2P Storage Cloud. IEEE Transactions on Cloud Computing 2 (4): 471-484. [DOI:10.1109/TCC.2014.2378788]
  78. He, H., R. Li, X. Dong, and Zh. Zhang. 2014. Secure, Efficient and Fine-Grained Data Access Control Mechanism for P2P Storage Cloud. IEEE Transactions on Cloud Computing 2 (4): 471-484. [DOI:10.1109/TCC.2014.2378788]
  79. Hong, H., D. Chen, Ch. Huang, and Ch Kuan-Ta & Ch Hsu. 2015. Placing Virtual Machines to Optimize Cloud Gaming Experience. IEEE Transactions on Cloud Computing 3 (1): 42-53. [DOI:10.1109/TCC.2014.2338295]
  80. Hong, H., D. Chen, Ch. Huang, and Ch Kuan-Ta & Ch Hsu. 2015. Placing Virtual Machines to Optimize Cloud Gaming Experience. IEEE Transactions on Cloud Computing 3 (1): 42-53. [DOI:10.1109/TCC.2014.2338295]
  81. Hydara, I., A. Bakar, M. Sultan, H. Zulzalil, and N. Admodisastro. 2015. Current state of research on cross-site scripting (XSS) - A Systematic Literature Review. Information & Software Technology 58: 170-186. [DOI:10.1016/j.infsof.2014.07.010]
  82. Hydara, I., A. Bakar, M. Sultan, H. Zulzalil, and N. Admodisastro. 2015. Current state of research on cross-site scripting (XSS) - A Systematic Literature Review. Information & Software Technology 58: 170-186. [DOI:10.1016/j.infsof.2014.07.010]
  83. Islam, T., D. Manivannan, and Sh. Zeadally. 2016. A classification and characterization of security threats in cloud computing. International Journal of Next-Generation Computing 7 (1): 1-17.
  84. Islam, T., D. Manivannan, and Sh. Zeadally. 2016. A classification and characterization of security threats in cloud computing. International Journal of Next-Generation Computing 7 (1): 1-17.
  85. Jensen, M., J. Schwenk, N. Gruschka, andL. Iacono. 2009. On technical security issues in cloud computing, in IEEE ICCC, Bangalore, 2009, 109-116. [DOI:10.1109/CLOUD.2009.60]
  86. Jensen, M., J. Schwenk, N. Gruschka, andL. Iacono. 2009. On technical security issues in cloud computing, in IEEE ICCC, Bangalore, 2009, 109-116. [DOI:10.1109/CLOUD.2009.60]
  87. Kandukuri, B. R., R. V. Paturi, and A. Rakshit. 2009. Cloud Security Issues, IEEE International Conferenceon Services Computing, Bangalore, India, September21-25, 2009. In Proceedings of IEEE, SCC'2009.pp.517-520, 2009. [DOI:10.1109/SCC.2009.84]
  88. Kandukuri, B. R., R. V. Paturi, and A. Rakshit. 2009. Cloud Security Issues, IEEE International Conferenceon Services Computing, Bangalore, India, September21-25, 2009. In Proceedings of IEEE, SCC'2009.pp.517-520, 2009. [DOI:10.1109/SCC.2009.84]
  89. Kazim, M., and Sh. Y. Zhu. 2015. A survey on top security threats in cloud computing. International Journal of Advanced Computer Science and Applications 6 (3): 109-113. [DOI:10.14569/IJACSA.2015.060316]
  90. Kazim, M., and Sh. Y. Zhu. 2015. A survey on top security threats in cloud computing. International Journal of Advanced Computer Science and Applications 6 (3): 109-113. [DOI:10.14569/IJACSA.2015.060316]
  91. Khalil, I., A. Khreishah, and M. Azeem. 2014. Cloud Computing Security: A Survey. Computers 3: 1-35. [DOI:10.3390/computers3010001]
  92. Khalil, I., A. Khreishah, and M. Azeem. 2014. Cloud Computing Security: A Survey. Computers 3: 1-35. [DOI:10.3390/computers3010001]
  93. Kumara, A., A. Aswin, and H. Gupta. 2020. Evaluating green performance of the airports using hybrid BWM and VIKOR methodology. Tourism Management 76:1-16. https://doi.org/10.1016/j.tourman.2019.06.016 [DOI:10.1016/j.tourman.2019.06.016.]
  94. Kumara, A., A. Aswin, and H. Gupta. 2020. Evaluating green performance of the airports using hybrid BWM and VIKOR methodology. Tourism Management 76:1-16. https://doi.org/10.1016/j.tourman.2019.06.016 [DOI:10.1016/j.tourman.2019.06.016.]
  95. Leal, J. E. 2020. AHP-express: A simplified version of the analytical hierarchy process method. MethodsX.7 : [DOI:10.1016/j.mex.2019.11.021]
  96. Leal, J. E. 2020. AHP-express: A simplified version of the analytical hierarchy process method. MethodsX.7 : [DOI:10.1016/j.mex.2019.11.021]
  97. Liang, F., M. Brunelli, and J. Rezaei. 2020. Consistency issues in the best worst method: Measurements and thresholds. Omega 96: [DOI:10.1016/j.omega.2019.102175]
  98. Liang, F., M. Brunelli, and J. Rezaei. 2020. Consistency issues in the best worst method: Measurements and thresholds. Omega 96: [DOI:10.1016/j.omega.2019.102175]
  99. Liu, F., H., F., and H. Hai. 2005. The voting analytic hierarchy process method for selecting supplier. International Journal of Production Economics 97 (3): 308-317. [DOI:10.1016/j.ijpe.2004.09.005]
  100. Liu, F., H., F., and H. Hai. 2005. The voting analytic hierarchy process method for selecting supplier. International Journal of Production Economics 97 (3): 308-317. [DOI:10.1016/j.ijpe.2004.09.005]
  101. Mell P., T. Grance. 2018. SP 800-145, The NIST Definition of cloud computing | CSRC (online) Csrc.nist.gov. https://csrc.nist.gov/publi catio ns/detai l/sp/800-145/final (accessed Dec. 11, 2020)
  102. Mell P., T. Grance. 2018. SP 800-145, The NIST Definition of cloud computing | CSRC (online) Csrc.nist.gov. https://csrc.nist.gov/publi catio ns/detai l/sp/800-145/final (accessed Dec. 11, 2020)
  103. Nishad, L. S., G. Akriti, J. Paliwal, R. Pandey, S. Beniwal, S. Kumar. 2016. Security, Privacy Issues and challenges In Cloud Computing: A Survey. In Proceedings of the Second International Conference on Information and Communication Technology for Competitive Strategies (ICTCS '16). ACM, New York, NY, USA, Article 47, 7 pages. DOI: http://dx.doi.org/10.1145/2905055.2905253 [DOI:10.1145/2905055.2905253]
  104. Nishad, L. S., G. Akriti, J. Paliwal, R. Pandey, S. Beniwal, S. Kumar. 2016. Security, Privacy Issues and challenges In Cloud Computing: A Survey. In Proceedings of the Second International Conference on Information and Communication Technology for Competitive Strategies (ICTCS '16). ACM, New York, NY, USA, Article 47, 7 pages. DOI: http://dx.doi.org/10.1145/2905055.2905253 [DOI:10.1145/2905055.2905253]
  105. Paquette, S., P. Jaeger, and S. Wilson. 2010. Identifying the security risks associated with governmental use of cloud computing. Government Information Quarterly 27 (3): 245-253. [DOI:10.1016/j.giq.2010.01.002]
  106. Paquette, S., P. Jaeger, and S. Wilson. 2010. Identifying the security risks associated with governmental use of cloud computing. Government Information Quarterly 27 (3): 245-253. [DOI:10.1016/j.giq.2010.01.002]
  107. Pearson, S. 2012. Privacy, security and trust in cloud computing. Privacy and Security for Cloud Computing: 3-42. doi:10.1007/978-1-4471-4189-1_1 [DOI:10.1007/978-1-4471-4189-1_1]
  108. Pearson, S. 2012. Privacy, security and trust in cloud computing. Privacy and Security for Cloud Computing: 3-42. doi:10.1007/978-1-4471-4189-1_1 [DOI:10.1007/978-1-4471-4189-1_1]
  109. Pishchulov, G., A. Trautrims, T. Chesney, S. Gold, and L. Schwab. 2019. The voting analytic hierarchy process revisited: a revised method with application to sustainable supplier selection. International Journal of Production Economics doi: 10.1016/j.ijpe.2019.01.025. [DOI:10.1016/j.ijpe.2019.01.025]
  110. Pishchulov, G., A. Trautrims, T. Chesney, S. Gold, and L. Schwab. 2019. The voting analytic hierarchy process revisited: a revised method with application to sustainable supplier selection. International Journal of Production Economics doi: 10.1016/j.ijpe.2019.01.025. [DOI:10.1016/j.ijpe.2019.01.025]
  111. Rashmi Rai, S., G. Sahoo, & S. Mehfuz. 2013. Securing Software as a Service Model of Cloud Computing: Issues and Solutions. International Journal on Cloud Computing: Services and Architecture (IJCCSA,3 (4): 1-11. [DOI:10.5121/ijccsa.2013.3401]
  112. Rashmi Rai, S., G. Sahoo, & S. Mehfuz. 2013. Securing Software as a Service Model of Cloud Computing: Issues and Solutions. International Journal on Cloud Computing: Services and Architecture (IJCCSA,3 (4): 1-11. [DOI:10.5121/ijccsa.2013.3401]
  113. Reddy, P., and S. Bouzefrane. 2014. Analysis and detection of dos attacks in cloud computing by using qse algorithm. 2014 IEEE International Conference on High Performance Computing and Communications. Paris, France. [DOI:10.1109/HPCC.2014.183]
  114. Reddy, P., and S. Bouzefrane. 2014. Analysis and detection of dos attacks in cloud computing by using qse algorithm. 2014 IEEE International Conference on High Performance Computing and Communications. Paris, France. [DOI:10.1109/HPCC.2014.183]
  115. Rezaei, J. 2015. Best- worst multi criteria decision making methods. Omega 53: 49-57. [DOI:10.1016/j.omega.2014.11.009]
  116. Rezaei, J. 2015. Best- worst multi criteria decision making methods. Omega 53: 49-57. [DOI:10.1016/j.omega.2014.11.009]
  117. _____. 2016. Best-worst multi-criteria decision-making method: Some properties and a linear model, Omega 64: 126-30. [DOI:10.1016/j.omega.2015.12.001]
  118. _____. 2016. Best-worst multi-criteria decision-making method: Some properties and a linear model, Omega 64: 126-30. [DOI:10.1016/j.omega.2015.12.001]
  119. _____. 2020. A concentration ratio for nonlinear best worst method, International Journal of Information Technology & Decision Making 19. DOI: 10.1142/S0219622020500170. [DOI:10.1142/S0219622020500170]
  120. _____. 2020. A concentration ratio for nonlinear best worst method, International Journal of Information Technology & Decision Making 19. DOI: 10.1142/S0219622020500170. [DOI:10.1142/S0219622020500170]
  121. Rittinghouse, J. W., and J. F. Ransome. 2009. Security in the Cloud. In: Cloud Computing. Implementation, Management, and Security, CRC Press. Boca Raton- Florida
  122. Rittinghouse, J. W., and J. F. Ransome. 2009. Security in the Cloud. In: Cloud Computing. Implementation, Management, and Security, CRC Press. Boca Raton- Florida
  123. Rosado, D. G., R. Gómez, D. Mellado, and E. Fernández-Medina. 2012. Security analysis in the migration to cloud environments. Future Internet 4 (2): 469-487. [DOI:10.3390/fi4020469]
  124. Rosado, D. G., R. Gómez, D. Mellado, and E. Fernández-Medina. 2012. Security analysis in the migration to cloud environments. Future Internet 4 (2): 469-487. [DOI:10.3390/fi4020469]
  125. Rupra, S., and A. Omamo. 2020. A Cloud Computing Security Assessment Framework for Small and Medium Enterprises. Journal of Information Security. 11: 201-224. [DOI:10.4236/jis.2020.114014]
  126. Rupra, S., and A. Omamo. 2020. A Cloud Computing Security Assessment Framework for Small and Medium Enterprises. Journal of Information Security. 11: 201-224. [DOI:10.4236/jis.2020.114014]
  127. Saaty, T. L. 1980. The analytic hierarchy. New York: McGraw-Hill.
  128. Saaty, T. L. 1980. The analytic hierarchy. New York: McGraw-Hill.
  129. _____. 2008. The analytical hierarchy and analytical network measurement processes: application to decisions under risk. European Journal of Pure and Applied Mathematics 1 (1): 122-196. [DOI:10.29020/nybg.ejpam.v1i1.6]
  130. _____. 2008. The analytical hierarchy and analytical network measurement processes: application to decisions under risk. European Journal of Pure and Applied Mathematics 1 (1): 122-196. [DOI:10.29020/nybg.ejpam.v1i1.6]
  131. _____. 1990. How to Make a Decision: The Analytic Hierarchy Process. European Journal of Operational Research, 48, 9-26. http://dx.doi.org/10.1016/0377-2217 (90) 90057-I [DOI:10.1016/0377-2217(90)90057-I]
  132. _____. 1990. How to Make a Decision: The Analytic Hierarchy Process. European Journal of Operational Research, 48, 9-26. http://dx.doi.org/10.1016/0377-2217 (90) 90057-I [DOI:10.1016/0377-2217(90)90057-I]
  133. Safari, N., F. Safari, M. Kazemi, S. Ahmadi, and A. Hasanzadeh. 2015. Prioritisation of cloud computing acceptance indicators using fuzzy AHP. International Journal of Business Information Systems 19 (4): 488-504. [DOI:10.1504/IJBIS.2015.070206]
  134. Safari, N., F. Safari, M. Kazemi, S. Ahmadi, and A. Hasanzadeh. 2015. Prioritisation of cloud computing acceptance indicators using fuzzy AHP. International Journal of Business Information Systems 19 (4): 488-504. [DOI:10.1504/IJBIS.2015.070206]
  135. Sen, J. 2013. Security and privacy issues in cloud computing, Architectures and Protocols for Secure Information Technology Infrastructures. GI Global: Hershey, PA, USA, 2013., pp.1- 45. DOI: 10.4018/978-1-4666-4514-1.ch001 [DOI:10.4018/978-1-4666-4514-1.ch001]
  136. Sen, J. 2013. Security and privacy issues in cloud computing, Architectures and Protocols for Secure Information Technology Infrastructures. GI Global: Hershey, PA, USA, 2013., pp.1- 45. DOI: 10.4018/978-1-4666-4514-1.ch001 [DOI:10.4018/978-1-4666-4514-1.ch001]
  137. Singh Nishad, L., J. Akriti Paliwal, R. Pandey, S. Beniwal, and S. Kumar. 2016. Security, privacy issues and challenges in cloud computing: a survey. proceedings of the second international conference on information and communication technology for competitive strategies. Article No. 47. New York, USA. [DOI:10.1145/2905055.2905253]
  138. Singh Nishad, L., J. Akriti Paliwal, R. Pandey, S. Beniwal, and S. Kumar. 2016. Security, privacy issues and challenges in cloud computing: a survey. proceedings of the second international conference on information and communication technology for competitive strategies. Article No. 47. New York, USA. [DOI:10.1145/2905055.2905253]
  139. Soltanifar M., and F. Hosseinzadeh Lotfi. 2011. The voting analytic hierarchy process method for discriminating among efficient decision making units in data envelopment analysis. Computers & Industrial Engineering 60 (4): 585-592. [DOI:10.1016/j.cie.2010.12.016]
  140. Soltanifar M., and F. Hosseinzadeh Lotfi. 2011. The voting analytic hierarchy process method for discriminating among efficient decision making units in data envelopment analysis. Computers & Industrial Engineering 60 (4): 585-592. [DOI:10.1016/j.cie.2010.12.016]
  141. Subramanian, N., and A. Jeyaraj. 2018. Recent security challenges in cloud computing. Computers & Electrical Engineering 71: 28-42 [DOI:10.1016/j.compeleceng.2018.06.006]
  142. Subramanian, N., and A. Jeyaraj. 2018. Recent security challenges in cloud computing. Computers & Electrical Engineering 71: 28-42 [DOI:10.1016/j.compeleceng.2018.06.006]
  143. Sultan, N. A. 2011. Reaching for the "cloud": how SMEs can manage. International Journal of Information Management. 31 (3): 272-278. [DOI:10.1016/j.ijinfomgt.2010.08.001]
  144. Sultan, N. A. 2011. Reaching for the "cloud": how SMEs can manage. International Journal of Information Management. 31 (3): 272-278. [DOI:10.1016/j.ijinfomgt.2010.08.001]
  145. Sun, Y., J. Zhang, Y. Xiong, and G. Zhu. 2014. Data Security and Privacy in Cloud Computing. International Journal of Distributed Sensor Networks. Volume 2014, Article ID 190903, 9 pages 10 (7): 1-9. [DOI:10.1155/2014/190903]
  146. Sun, Y., J. Zhang, Y. Xiong, and G. Zhu. 2014. Data Security and Privacy in Cloud Computing. International Journal of Distributed Sensor Networks. Volume 2014, Article ID 190903, 9 pages 10 (7): 1-9. [DOI:10.1155/2014/190903]
  147. Tabrizchi, H., and M. Kuchaki Rafsanjani. 2020. A survey on security challenges in cloud computing: issues, threats, and solutions. The Journal of Supercomputing 79: 9493- 9532. [DOI:10.1007/s11227-020-03213-1]
  148. Tabrizchi, H., and M. Kuchaki Rafsanjani. 2020. A survey on security challenges in cloud computing: issues, threats, and solutions. The Journal of Supercomputing 79: 9493- 9532. [DOI:10.1007/s11227-020-03213-1]
  149. Tadapaneni, N. R. 2020. Cloud computing Security challenges. International journal of Innovations in Engineering research and Technology 7 (6): 1-5.
  150. Tadapaneni, N. R. 2020. Cloud computing Security challenges. International journal of Innovations in Engineering research and Technology 7 (6): 1-5.
  151. Tripathi, A., and A. Mishra. 2011. Cloud computing security considerations. In Proceedings of the 2011. IEEE International Conference on Signal Processing, Communications and Computing (ICSPCC), Xi'an, China, 14-16 September 2011; pp. 1-5. [DOI:10.1109/ICSPCC.2011.6061557]
  152. Tripathi, A., and A. Mishra. 2011. Cloud computing security considerations. In Proceedings of the 2011. IEEE International Conference on Signal Processing, Communications and Computing (ICSPCC), Xi'an, China, 14-16 September 2011; pp. 1-5. [DOI:10.1109/ICSPCC.2011.6061557]
  153. V. Patel, R., D. Bhoi, and G. S. Pawar. 2020. Security hazards, attacks and its prevention techniques in cloud computing: a detail review. International Journal of Scientific Research in Computer Science, Engineering and Information Technology 6 (4): 48-58.
  154. V. Patel, R., D. Bhoi, and G. S. Pawar. 2020. Security hazards, attacks and its prevention techniques in cloud computing: a detail review. International Journal of Scientific Research in Computer Science, Engineering and Information Technology 6 (4): 48-58.
  155. Wayne, J. 2011. Cloud hooks: Security and privacy issues in cloud computing. In System Sciences (HICSS), 2011 44th Hawaii International Conference on, pp. 1-10. IEEE. Kauai, HI, USA.
  156. Wayne, J. 2011. Cloud hooks: Security and privacy issues in cloud computing. In System Sciences (HICSS), 2011 44th Hawaii International Conference on, pp. 1-10. IEEE. Kauai, HI, USA.
  157. Xiao, Z., and Y. Xiao. 2013. Security and privacy in cloud computing, IEEE Communications Surveys & Tutorials 15 (2): 843-859. [DOI:10.1109/SURV.2012.060912.00182]
  158. Xiao, Z., and Y. Xiao. 2013. Security and privacy in cloud computing, IEEE Communications Surveys & Tutorials 15 (2): 843-859. [DOI:10.1109/SURV.2012.060912.00182]

فایل ها

سابقه مقاله

  • تاریخ دریافت: 19 آذر 1401
  • تاریخ بازنگری: 20 فروردین 1402
  • تاریخ پذیرش: 19 آذر 1401

هم رسانی

ارجاع به این مقاله

آمار