Risk assessment of Cloud Carrier
Data centers are main infrastructures to host cloud service applications. The security and performance of cloud data centers has been extensively studied for the past several years. However, there is lack of study on both security and performance of Cloud Carrier which provides connectivity and transport between the cloud user and cloud provider. A cloud provider does not offer guaranteed Cloud Carrier resources to users. The security and performance of Cloud Carrier is currently out of users' control. In this thesis, we provide an assessment of risks in the Cloud Carrier. Specifically, we focus on the risks caused by the vulnerabilities on the routers in the Cloud Carrier. As cloud users do not have any control over the selection of routers, the security requirements of the data outsourced by cloud users is a matter of concern. There is a need for an auditing tool to assess risk of the Cloud Carrier for commercial cloud providers (Amazon, Microsoft, Rackspace and Google) and provide a mechanism to identify the data centers which have the most secure Cloud Carrier. Our analysis is based on determining the risks of routers which lie between cloud user and cloud provider based on the vulnerabilities from National Vulnerability Database (NVD) which is the repository of standards for the US government. With the risk level for each router, we are able to characterize the risk of the Cloud Carrier.^
Swetha Reddy Lenkala,
"Risk assessment of Cloud Carrier"
ETD Collection for Tennessee State University.