Cloud Security Quantitative Assessment Based on Mobile Agent and Web Service Interaction

  • Abir KhaldiEmail author
  • Kamel Karoui
  • Henda Ben Ghezala
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10026)


Cloud security is very challenging and is becoming a research hot topic. Thus, the adoption of the security assessment would be the key to evaluate and to enhance the cloud security level. The security assessment can be quantitative or qualitative. This paper proposes a cloud security quantitative assessment (CSQA) model. This proposed model evaluates the security of any cloud service (XaaS) exposed to attacks and vulnerabilities affecting its quality and specially its availability. It is based on mobile agent and web service interaction framework.


Cloud security Security assessment Mobile agent Web service 


  1. 1.
  2. 2.
    Endsley, M.R.: Design and evaluation for situation awareness enhancement. In: Human Factors Society, 32nd Annual Meeting, Santa Monica, CA (1988)Google Scholar
  3. 3.
    Bass, T., et al.: A glimpse into the future of ID.
  4. 4.
    Chen, X.Z., et al.: Quantitative hierarchical threat evaluation model for network security. J. Softw. 17(4), 885–897 (2006)CrossRefzbMATHGoogle Scholar
  5. 5.
    Jibao, L., et al.: Study of network security situation awareness model based on simple additive weight and grey theory. IEEE (2006)Google Scholar
  6. 6.
    Yong, Z., Xiaobin, T., Hongsheng, X.: A novel approach to network security situation awareness based on multiperspective analysis. In: 2007 International Conference on Computational Intelligence and Security, pp. 768–772. IEEE, December 2007Google Scholar
  7. 7.
    Xiaorong, C., Su, L., Mingxuan, L.: Research of network security situational assessment quantization based on mobile agent. Phys. Procedia 25, 1701–1707 (2012)CrossRefGoogle Scholar
  8. 8.
    Dastjerdi, A.V., Bakar, K.A., Tabatabaei, S.G.H.: Distributed intrusion detection in clouds using mobile agents. In: 3rd International Conference on Advanced Engineering Computing and Applications in Sciences (2009)Google Scholar
  9. 9.
    Toumi, H., Eddaoui, A., Talea, M.: Cooperative intrusion detection system framework using mobile agents for cloud computing. J. Theor. Appl. Inf. Technol. 70(1) (2014)Google Scholar
  10. 10.
    Doelitzscher, F., et al.: An agent based business aware incident detection system for cloud environments. J. Cloud Comput. 1(1) (2012)Google Scholar
  11. 11.
    Zargar, S.T., Takabi, H., Joshi, J.B.D.: DCDIDP: a distributed, collaborative, and data-driven intrusion detection and prevention framework for cloud computing environments. In: International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), Orlando, Florida (2011)Google Scholar
  12. 12.
    Kamongi, P., et al.: Vulcan: vulnerability assessment framework for cloud computing. In: 7th International Conference on Software Security and Reliability (SERE). IEEE (2013)Google Scholar
  13. 13.
    Saripalli, P., Walters, B.: QUIRC: a quantitative impact and risk assessment framework for cloud security. In: 2010 IEEE 3rd International Conference on Cloud Computing (CLOUD). IEEE (2010)Google Scholar
  14. 14.
    Albakri, S.H., et al.: Security risk assessment framework for cloud computing environments. Secur. Commun. Netw. 7(11), 2114–2124 (2014)CrossRefGoogle Scholar
  15. 15.
    Sen, A., Madria, S.: Off-line risk assessment of cloud service provider. In: 2014 IEEE World Congress on Services (SERVICES). IEEE (2014)Google Scholar
  16. 16.
    Mell, P., Grance, T.: The NIST definition of cloud computing. NIST Special Publication 800–145 (Draft) (2011). Accessed 11 Oct 2015Google Scholar
  17. 17.
    Schaffer, H.E.: X as a service, cloud computing, and the need for good judgment. IT Prof. 11(5), 4–5 (2009)CrossRefGoogle Scholar
  18. 18.
    DoD Directive 3600.1, Information Operations, December 1996Google Scholar
  19. 19.
    Lange, D., Oshima, M.: Seven good reasons for mobile agents. Commun. ACM (1999)Google Scholar
  20. 20.
    Lemahieu, W.: Web service description, advertising and discovery: WSDL and beyond. In: Vandenbulcke, J., Snoeck, M. (eds.) Leuven University Press (2001)Google Scholar
  21. 21.
    Khaldi, A., Karoui, K., Tanabene, N., Ben Ghzala, H.: A secure cloud computing architecture design. In: 2nd IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud), pp. 289–294. IEEE (2014)Google Scholar
  22. 22.
    Snort, January 2016.
  23. 23.
    Aglet, January 2016.
  24. 24.
    Ben Ftima, F., Karoui, K.: Interaction mobile agents - web services. In: Encyclopedia of Multimedia Technology and Networking, 2 edn., pp. 717–725 (2007)Google Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  1. 1.RIADI Laboratory, ENSIUniversity of ManoubaManoubaTunisia

Personalised recommendations