{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,13]],"date-time":"2026-03-13T04:51:09Z","timestamp":1773377469539,"version":"3.50.1"},"publisher-location":"Cham","reference-count":32,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319723884","type":"print"},{"value":"9783319723891","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-72389-1_47","type":"book-chapter","created":{"date-parts":[[2017,12,6]],"date-time":"2017-12-06T14:53:21Z","timestamp":1512572001000},"page":"594-608","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["A Security Risk Management Model for Cloud Computing Systems: Infrastructure as a Service"],"prefix":"10.1007","author":[{"given":"Mouna","family":"Jouini","sequence":"first","affiliation":[]},{"given":"Latifa Ben Arfa","family":"Rabai","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,12,7]]},"reference":[{"key":"47_CR1","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1109\/MC.2003.1185215","volume":"36","author":"B Barry","year":"2003","unstructured":"Barry, B., LiGuo, H.: Value-based software engineering: a case study. IEEE Comput. 36, 33\u201341 (2003)","journal-title":"IEEE Comput."},{"key":"47_CR2","doi-asserted-by":"crossref","unstructured":"Saripalli, P., Walters, B.: QUIRC: a quantitative impact and risk assessment framework for cloud security. In: The Proceedings of the IEEE 3rd International Conference on Cloud Computing, pp. 280\u2013288 (2009)","DOI":"10.1109\/CLOUD.2010.22"},{"key":"47_CR3","doi-asserted-by":"crossref","first-page":"3946","DOI":"10.1016\/j.ins.2011.04.051","volume":"181","author":"M An","year":"2011","unstructured":"An, M., Chen, Y., Baker, C.J.: A fuzzy reasoning and fuzzy-analytical hierarchy process based approach to the process of railway risk information: a railway risk management system. Inf. Sci. 181, 3946\u20133966 (2011)","journal-title":"Inf. Sci."},{"key":"47_CR4","doi-asserted-by":"crossref","unstructured":"Wang, J.A., Xia, M., Zhang, F.: Metrics for information security vulnerabilities. In: Proceedings of Intellect base International Consortium, vol. 1, pp. 284\u2013294 (2009)","DOI":"10.1145\/1413140.1413191"},{"key":"47_CR5","unstructured":"Yuri, D., Leon, G., Cees, L.: Web services and grid security vulnerabilities and threats analysis and model, Bas Oudenaarde, Advanced Internet Research Group, University of Amsterdam, Kruislaan 403, NL-1098 SJ Amsterdam, The Netherlands (2000)"},{"key":"47_CR6","unstructured":"ISO\/IEC 27005: Information Technology\u2014Security Techniques\u2014Information Security Risk Management, International Organization for Standardization (2007)"},{"key":"47_CR7","first-page":"110","volume":"3","author":"AHM Emam","year":"2013","unstructured":"Emam, A.H.M.: Additional authentication and authorization using registered email-ID for cloud computing. Int. J. Soft Comput. Eng. 3, 110\u2013113 (2013)","journal-title":"Int. J. Soft Comput. Eng."},{"key":"47_CR8","unstructured":"ISO. BS ISO 31000: Risk management. Principles and guidelines (2009)"},{"key":"47_CR9","unstructured":"ISO. BS ISO\/IEC 27005: Information technology. Security techniques. Information security risk management (2011)"},{"key":"47_CR10","unstructured":"Gary, S., Alice, G., Alexis, F.: Risk Management Guide for Information Technology Systems Recommendations of the National Institute of Standards and Technology, NIST Special Publication 800-30 (2002)"},{"key":"47_CR11","unstructured":"Xuan, Z., Nattapong, W., Hao, L., Xuejie, Z.: Information security risk management framework for the cloud computing environments. In: 10th IEEE International Conference on Computer and Information Technology (CIT 2010) (2010)"},{"issue":"2","key":"47_CR12","first-page":"136","volume":"1","author":"RP Padhy","year":"2011","unstructured":"Padhy, R.P., Patra, M.R., Satapathy, S.C.: Cloud computing: security issues and research challenges. Int. J. Comput. Sci. Inf. Technol. Secur. 1(2), 136\u2013146 (2011)","journal-title":"Int. J. Comput. Sci. Inf. Technol. Secur."},{"key":"47_CR13","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1007\/978-3-642-12035-0_25","volume-title":"Information Systems, Technology and Management","author":"A Sangroya","year":"2010","unstructured":"Sangroya, A., Kumar, S., Dhok, J., Varma, V.: Towards analyzing data security risks in cloud computing environments. In: Prasad, S.K., Vin, H.M., Sahni, S., Jaiswal, M.P., Thipakorn, B. (eds.) ICISTM 2010. CCIS, vol. 54, pp. 255\u2013265. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-12035-0_25"},{"key":"47_CR14","doi-asserted-by":"crossref","unstructured":"Alberts, C., Dorofee, A., Stevens, J., Woody, C.: Introduction to the OCTAVE approach. Software Engineering Institute (2003)","DOI":"10.21236\/ADA634134"},{"key":"47_CR15","doi-asserted-by":"crossref","unstructured":"Kevin, S.: Virtualisation as a Blackhat Tool. In: Network Security, pp. 4\u20137. Elsevier, New York (2007)","DOI":"10.1016\/S1353-4858(07)70092-2"},{"key":"47_CR16","unstructured":"SLA Management Team: SLA Management Handbook, 4th edn. Enterprise Perspective (2004)"},{"key":"47_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"556","DOI":"10.1007\/978-3-540-73597-7_54","volume-title":"Web Engineering","author":"G Frankova","year":"2007","unstructured":"Frankova, G.: Service level agreements: web services and security. In: Baresi, L., Fraternali, P., Houben, G.-J. (eds.) ICWE 2007. LNCS, vol. 4607, pp. 556\u2013562. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-73597-7_54"},{"key":"47_CR18","unstructured":"Patel, P., Ranabahu, A., Sheth, A.: Service level agreement in cloud computing. In: Cloud Workshops at OOPSLA 2009 (2009)"},{"key":"47_CR19","doi-asserted-by":"crossref","first-page":"462","DOI":"10.1016\/j.pisc.2016.05.001","volume":"8","author":"KJ Bineet","year":"2016","unstructured":"Bineet, K.J., Mohit, K.S., Bansidhar, J.: Security threats and their mitigation in infrastructure as a service. Perspect. Sci. 8, 462\u2013464 (2016)","journal-title":"Perspect. Sci."},{"key":"47_CR20","unstructured":"Wesam, D., Ibrahim, T.: Infrastructure as a service security: challenges and solutions (2008)"},{"key":"47_CR21","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.jnca.2010.07.006","volume":"34","author":"S Subashini","year":"2011","unstructured":"Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 34, 1\u201311 (2011)","journal-title":"J. Netw. Comput. Appl."},{"key":"47_CR22","unstructured":"Intel IT Center: Planning Guide: Virtualization and Cloud Computing, White paper (2013)"},{"issue":"2","key":"47_CR23","doi-asserted-by":"crossref","first-page":"1","DOI":"10.4018\/IJERTCS.2016070101","volume":"7","author":"J Mouna","year":"2016","unstructured":"Mouna, J., Latifa, B.R.: A multi-dimensional mean failure cost model to enhance security of cloud computing systems. Int. J. Embed. Real Time Commun. Syst. (IJERTCS) 7(2), 1\u201314 (2016)","journal-title":"Int. J. Embed. Real Time Commun. Syst. (IJERTCS)"},{"key":"47_CR24","doi-asserted-by":"crossref","first-page":"184","DOI":"10.17706\/jcp.10.3.184-194","volume":"10","author":"J Mouna","year":"2015","unstructured":"Mouna, J., Latifa, B.R.: Mean failure cost extension model towards a security threats assessment: a cloud computing case study. J. Comput. 10, 184\u2013194 (2015)","journal-title":"J. Comput."},{"key":"47_CR25","doi-asserted-by":"crossref","first-page":"63","DOI":"10.1016\/j.jksus.2012.06.002","volume":"25","author":"J Mouna","year":"2013","unstructured":"Mouna, J., Latifa, B.R., Anis, B.A., Ali, M.: A cyber security model in cloud computing environments. J. King Saud Univ. Comput. Inf. Sci. 25, 63\u201375 (2013)","journal-title":"J. King Saud Univ. Comput. Inf. Sci."},{"key":"47_CR26","doi-asserted-by":"crossref","unstructured":"Mouna, J., Latifa, B.R., Ridha, K.: A multidimensional approach towards a quantitative assessment of security threats. In: ANT\/SEIT 2015, vol. 52, pp. 507\u2013514 (2015)","DOI":"10.1016\/j.procs.2015.05.024"},{"key":"47_CR27","doi-asserted-by":"crossref","unstructured":"Mouna, J., Latifa, B.R.: Surveying and analyzing security problems in cloud computing environments. In: CIS 2014, pp. 689\u2013693 (2014)","DOI":"10.1109\/CIS.2014.169"},{"key":"47_CR28","first-page":"137","volume":"6","author":"BO Lawal","year":"2013","unstructured":"Lawal, B.O., Ogude, C., Abdullah, K.K.A.: Security management of infrastructure as a service in cloud computing. Afr. J. Comput. ICT Ref. Format 6, 137\u2013146 (2013)","journal-title":"Afr. J. Comput. ICT Ref. Format"},{"key":"47_CR29","unstructured":"Ibrahim, A.S., Hamlyn-Harris, J., Grundy, J.: Emerging security challenges of cloud virtual infrastructure. In: The Asia Pacific Software Engineering Conference 2010 Cloud Workshop (2010)"},{"key":"47_CR30","first-page":"707","volume":"3","author":"PR Jaiswal","year":"2014","unstructured":"Jaiswal, P.R., Rohankar, A.W.: Infrastructure as a service: security issues in cloud computing. IJCSMC 3, 707\u2013711 (2014)","journal-title":"IJCSMC"},{"key":"47_CR31","doi-asserted-by":"crossref","unstructured":"Jenson, M., Schwenk, J., Gruschka, N., Lo Iacono, L.: Ontechnical security issues in cloud computing. IEEE (2009)","DOI":"10.1109\/CLOUD.2009.60"},{"key":"47_CR32","volume-title":"Cloud Security","author":"RL Krutz","year":"2014","unstructured":"Krutz, R.L., Vines, R.D.: Cloud Security. Wiley Publication, Indianapolis (2014)"}],"container-title":["Lecture Notes in Computer Science","Security, Privacy, and Anonymity in Computation, Communication, and Storage"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-72389-1_47","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,28]],"date-time":"2025-06-28T07:33:47Z","timestamp":1751096027000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-72389-1_47"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319723884","9783319723891"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-72389-1_47","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]}}}