{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,21]],"date-time":"2025-08-21T18:03:29Z","timestamp":1755799409722,"version":"3.44.0"},"publisher-location":"Cham","reference-count":32,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030010416"},{"type":"electronic","value":"9783030010423"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-030-01042-3_1","type":"book-chapter","created":{"date-parts":[[2018,9,25]],"date-time":"2018-09-25T06:59:16Z","timestamp":1537858756000},"page":"1-19","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":10,"title":["Modeling Data Protection Vulnerabilities of Cloud Systems Using Risk Patterns"],"prefix":"10.1007","author":[{"given":"Alexander","family":"Palm","sequence":"first","affiliation":[]},{"given":"Zolt\u00e1n \u00c1d\u00e1m","family":"Mann","sequence":"additional","affiliation":[]},{"given":"Andreas","family":"Metzger","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,9,26]]},"reference":[{"key":"1_CR1","doi-asserted-by":"crossref","unstructured":"Ahvar, E., Ahvar, S., Mann, Z.\u00c1., Crespi, N., Garcia-Alfaro, J., Glitho, R.: CACEV: a cost and carbon emission-efficient virtual machine placement method for green distributed clouds. In: IEEE International Conference on Services Computing (SCC), pp. 275\u2013282. IEEE (2016)","DOI":"10.1109\/SCC.2016.43"},{"key":"1_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1007\/978-3-319-29968-6_3","volume-title":"Graphical Models for Security","author":"L Apvrille","year":"2016","unstructured":"Apvrille, L., Roudier, Y.: SysML-sec attack graphs: compact representations for complex attacks. In: Mauw, S., Kordy, B., Jajodia, S. (eds.) GraMSec 2015. LNCS, vol. 9390, pp. 35\u201349. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-29968-6_3"},{"issue":"1","key":"1_CR3","doi-asserted-by":"publisher","first-page":"2:1","DOI":"10.1145\/2767005","volume":"48","author":"CA Ardagna","year":"2015","unstructured":"Ardagna, C.A., Asal, R., Damiani, E., Vu, Q.H.: From security to assurance in the cloud: a survey. ACM Comput. Surv. 48(1), 2:1\u20132:50 (2015)","journal-title":"ACM Comput. Surv."},{"key":"1_CR4","doi-asserted-by":"crossref","unstructured":"Aviram, A., Hu, S., Ford, B., Gummadi, R.: Determinating timing channels in compute clouds. In: Proceedings of the 2nd ACM Cloud Computing Security Workshop, CCSW 2010, Chicago, IL, USA, pp. 103\u2013108, 8 Oct 2010","DOI":"10.1145\/1866835.1866854"},{"key":"1_CR5","doi-asserted-by":"crossref","unstructured":"Bernsmed, K., Jaatun, M.G., Meland, P.H., Undheim, A.: Thunder in the clouds: security challenges and solutions for federated clouds. In: IEEE 4th International Conference on Cloud Computing Technology and Science (CloudCom), pp. 113\u2013120. IEEE (2012)","DOI":"10.1109\/CloudCom.2012.6427547"},{"key":"1_CR6","unstructured":"Booth, G., Soknacki, A., Somayaji, A.: Cloud security: attacks and current defenses. In: 8th Annual Symposium on Information Assurance (ASIA\u201913), pp. 56\u201362 (2013)"},{"key":"1_CR7","doi-asserted-by":"crossref","unstructured":"Bugiel, S., N\u00fcrnberger, S., P\u00f6ppelmann, T., Sadeghi, A.R., Schneider, T.: Amazonia: when elasticity snaps back. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, Chicago, Illinois, USA, pp. 389\u2013400, 17\u201321 Oct 2011","DOI":"10.1145\/2046707.2046753"},{"issue":"3","key":"1_CR8","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1109\/TCC.2014.2344653","volume":"4","author":"K Djemame","year":"2016","unstructured":"Djemame, K., Armstrong, D., Guitart, J., Macias, M.: A risk assessment framework for cloud computing. IEEE Trans. Cloud Comput. 4(3), 265\u2013278 (2016)","journal-title":"IEEE Trans. Cloud Comput."},{"key":"1_CR9","doi-asserted-by":"publisher","first-page":"683","DOI":"10.1016\/j.procs.2018.04.120","volume":"130","author":"M Elrotub","year":"2018","unstructured":"Elrotub, M., Gherbi, A.: Virtual machine classification-based approach to enhanced workload balancing for cloud computing applications. Procedia Comput. Sci. 130, 683\u2013688 (2018)","journal-title":"Procedia Comput. Sci."},{"issue":"2","key":"1_CR10","doi-asserted-by":"publisher","first-page":"113","DOI":"10.1007\/s10207-013-0208-7","volume":"13","author":"DAB Fernandes","year":"2014","unstructured":"Fernandes, D.A.B., Soares, L.F.B., Gomes, J.V.P., Freire, M.M., In\u00e1cio, P.R.M.: Security issues in cloud environments: a survey. Int. J. Inf. Sec. 13(2), 113\u2013170 (2014)","journal-title":"Int. J. Inf. Sec."},{"key":"1_CR11","doi-asserted-by":"crossref","unstructured":"Godfrey, M., Zulkernine, M.: A server-side solution to cache-based side-channel attacks in the cloud. In: IEEE Sixth International Conference on Cloud Computing (Cloud), pp. 163\u2013170. IEEE (2013)","DOI":"10.1109\/CLOUD.2013.21"},{"issue":"1","key":"1_CR12","doi-asserted-by":"publisher","first-page":"86","DOI":"10.1109\/MSP.2013.20","volume":"11","author":"M Green","year":"2013","unstructured":"Green, M.: The threat in the cloud. IEEE Secur. Priv. 11(1), 86\u201389 (2013)","journal-title":"IEEE Secur. Priv."},{"key":"1_CR13","doi-asserted-by":"crossref","unstructured":"Jensen, M., Schwenk, J., Gruschka, N., Iacono, L.L.: On technical security issues in cloud computing. In: IEEE International Conference on Cloud Computing, Cloud 2009, Bangalore, India, pp. 109\u2013116, 21\u201325 Sept 2009","DOI":"10.1109\/CLOUD.2009.60"},{"key":"1_CR14","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1016\/j.procs.2016.08.283","volume":"97","author":"K Kritikos","year":"2016","unstructured":"Kritikos, K., Massonet, P.: An integrated meta-model for cloud application security modelling. Procedia Comput. Sci. 97, 84\u201393 (2016)","journal-title":"Procedia Comput. Sci."},{"issue":"11","key":"1_CR15","doi-asserted-by":"publisher","first-page":"3357","DOI":"10.1109\/TC.2016.2529629","volume":"65","author":"Z\u00c1 Mann","year":"2016","unstructured":"Mann, Z.\u00c1.: Multicore-aware virtual machine placement in cloud data centers. IEEE Trans. Comput. 65(11), 3357\u20133369 (2016)","journal-title":"IEEE Trans. Comput."},{"key":"1_CR16","doi-asserted-by":"crossref","unstructured":"Mann, Z.A., Metzger, A.: Optimized cloud deployment of multi-tenant software considering data protection concerns. In: Proceedings of the 17th IEEE\/ACM International Symposium on Cluster, Cloud and Grid Computing, pp. 609\u2013618. IEEE Press (2017)","DOI":"10.1109\/CCGRID.2017.10"},{"key":"1_CR17","unstructured":"Mann, Z.A., Metzger, A., Schoenen, S.: Towards a run-time model for data protection in the cloud. In: Modellierung 2018, pp. 71\u201386. Gesellschaft f\u00fcr Informatik e.V. (2018)"},{"key":"1_CR18","doi-asserted-by":"publisher","first-page":"300","DOI":"10.1016\/j.cose.2016.12.008","volume":"65","author":"J Meszaros","year":"2017","unstructured":"Meszaros, J., Buchalcevova, A.: Introducing OSSF: a framework for online service cybersecurity risk management. Comput. Secur. 65, 300\u2013313 (2017)","journal-title":"Comput. Secur."},{"key":"1_CR19","doi-asserted-by":"crossref","unstructured":"Okamura, K., Oyama, Y.: Load-based covert channels between Xen virtual machines. In: Proceedings of the 2010 ACM Symposium on Applied Computing, pp. 173\u2013180. ACM (2010)","DOI":"10.1145\/1774088.1774125"},{"issue":"3","key":"1_CR20","doi-asserted-by":"publisher","first-page":"245","DOI":"10.1016\/j.giq.2010.01.002","volume":"27","author":"S Paquette","year":"2010","unstructured":"Paquette, S., Jaeger, P.T., Wilson, S.C.: Identifying the security risks associated with governmental use of cloud computing. Gov. Inf. Q. 27(3), 245\u2013253 (2010)","journal-title":"Gov. Inf. Q."},{"issue":"2","key":"1_CR21","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1145\/2431211.2431216","volume":"45","author":"M Pearce","year":"2013","unstructured":"Pearce, M., Zeadally, S., Hunt, R.: Virtualization: issues, security threats, and solutions. ACM Comput. Surv. (CSUR) 45(2), 17 (2013)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"1_CR22","doi-asserted-by":"crossref","unstructured":"Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 199\u2013212. ACM (2009)","DOI":"10.1145\/1653662.1653687"},{"key":"1_CR23","doi-asserted-by":"crossref","unstructured":"Rocha, F., Correia, M.: Lucy in the sky without diamonds: stealing confidential data in the cloud. In: IEEE\/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W), pp. 129\u2013134. IEEE (2011)","DOI":"10.1109\/DSNW.2011.5958798"},{"key":"1_CR24","doi-asserted-by":"crossref","unstructured":"Schmieders, E., Metzger, A., Pohl, K.: Architectural runtime models for privacy checks of cloud applications. In: Proceedings of the Seventh International Workshop on Principles of Engineering Service-Oriented and Cloud Systems, pp. 17\u201323 (2015)","DOI":"10.1109\/PESOS.2015.11"},{"key":"1_CR25","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1007\/978-3-662-48616-0_5","volume-title":"Service-Oriented Computing","author":"Eric Schmieders","year":"2015","unstructured":"Schmieders, E., Metzger, A., Pohl, K.: Runtime model-based privacy checks of big data cloud services. In: International Conference on Service-Oriented Computing, pp. 71\u201386 (2015)"},{"key":"1_CR26","doi-asserted-by":"crossref","unstructured":"Schoenen, S., Mann, Z.\u00c1., Metzger, A.: Using risk patterns to identify violations of data protection policies in cloud systems. In: 13th International Workshop on Engineering Service-Oriented Applications and Cloud Services (WESOACS) (2017)","DOI":"10.1007\/978-3-319-91764-1_24"},{"key":"1_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"553","DOI":"10.1007\/978-3-642-10665-1_51","volume-title":"Cloud Computing","author":"J Sedayao","year":"2009","unstructured":"Sedayao, J., Su, S., Ma, X., Jiang, M., Miao, K.: A simple technique for securing data at rest stored in a computing cloud. In: Jaatun, M.G., Zhao, G., Rong, C. (eds.) CloudCom 2009. LNCS, vol. 5931, pp. 553\u2013558. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-10665-1_51"},{"key":"1_CR28","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.cose.2014.04.009","volume":"45","author":"A Shameli-Sendi","year":"2014","unstructured":"Shameli-Sendi, A., Cheriet, M., Hamou-Lhadj, A.: Taxonomy of intrusion risk assessment and response system. Comput. Secur. 45, 1\u201316 (2014)","journal-title":"Comput. Secur."},{"key":"1_CR29","doi-asserted-by":"crossref","unstructured":"Somorovsky, J., Heiderich, M., Jensen, M., Schwenk, J., Gruschka, N., Iacono, L.L.: All your clouds are belong to us: security analysis of cloud management interfaces. In: Proceedings of the 3rd ACM Cloud Computing Security Workshop (CCSW 2011), pp. 3\u201314 (2011)","DOI":"10.1145\/2046660.2046664"},{"key":"1_CR30","doi-asserted-by":"crossref","unstructured":"Toeroe, M., Pawar, N., Khendek, F.: Managing application level elasticity and availability. In: 10th International Conference on Network and Service Management, pp. 348\u2013351 (2014)","DOI":"10.1109\/CNSM.2014.7014191"},{"key":"1_CR31","doi-asserted-by":"crossref","unstructured":"Watson, P., Little, M.: Multi-level security for deploying distributed applications on clouds, devices and things. In: IEEE 6th International Conference on Cloud Computing Technology and Science, pp. 380\u2013385 (2014)","DOI":"10.1109\/CloudCom.2014.72"},{"key":"1_CR32","doi-asserted-by":"crossref","unstructured":"Zhang, Y., Juels, A., Reiter, M.K., Ristenpart, T.: Cross-VM side channels and their use to extract private keys. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 305\u2013316. ACM (2012)","DOI":"10.1145\/2382196.2382230"}],"container-title":["Lecture Notes in Computer Science","System Analysis and Modeling. Languages, Methods, and Tools for Systems Engineering"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-01042-3_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,19]],"date-time":"2025-08-19T21:53:50Z","timestamp":1755640430000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-01042-3_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783030010416","9783030010423"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-01042-3_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"SAM","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on System Analysis and Modeling","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Copenhagen","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Denmark","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 October 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 October 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"sam2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/sdl-forum.org\/Events\/SAM2018\/index.htm","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}