Scalable risk assessment method for cloud computing using game theory (CCRAM)

Cloud Computing is one of the most popular information processing concepts of today’s IT world. The security of the cloud computing is complicated because each service model uses different infrastructure elements. Security elements implemented in a model are transferred to other persons or entities in another model. Each asset may need different security level than other assets depending on the deployment or service model. Therefore, unnecessary security measures may be applied for unimportant information. This may cause to increase the cost of protection. Current risk assessment models generally cannot be applied to cloud computing systems that changes its states very rapidly. In this work, a scalable security risk assessment model has been proposed for cloud computing as a solution of this problem using game theory. Using this method, we can evaluate whether the risk in the system should be fixed by cloud provider or tenant of the system. Keywords— Cloud Computing Security, Scalable Security using Cloud Service Models, Game Theory Security Modeling