White Rose University Consortium logo
University of Leeds logo University of Sheffield logo York University logo

Engineering Threat Modelling Tools for Cloud Computing

Aydin, Muhammed (2016) Engineering Threat Modelling Tools for Cloud Computing. MPhil thesis, University of York.

thesis.pdf - Examined Thesis (PDF)
Available under License Creative Commons Attribution-Noncommercial-No Derivative Works 2.0 UK: England & Wales.

Download (731Kb) | Preview


The rise in the use of cloud computing has also been accompanied by increasing numbers of online security incidents and concern about the overall security of cloud services. Current threat modelling methods, one of the most common ways of identifying threats to systems, are not able to provide a useful remedy to this. The manual threat modelling techniques require experts and can take too long, and the automatic tools are aimed primarily at software developers and do not apply to systems. This thesis presents the underlying theory for Cloud-COVER (Controls and Orderings for Vulnerabilities and ExposuRes), a threat modelling tool developed to identify threats to cloud computing systems. Cloud-COVER models the system under observation, and determines the priority of threats by using a system of relative preferences provided by the tool user. Cloud-COVER also looks at how threats from individual parts of the system present a danger to other parts of the deployment, identifying ways in which beachhead based attacks can be prevented. Cloud-COVER's model is abstracted in such a way that it is extensible, allowing users to shift the model's perspective to suit their own circumstances. This work presents a number of major and minor contributions to security and threat modelling. The main contributions of this thesis are an alternative way of ranking threats by using relative preferences, and an extensible model which analyses the way threats can propagate through systems by looking at the permissions given to connections between instances.

Item Type: Thesis (MPhil)
Academic Units: The University of York > Computer Science (York)
Depositing User: Mr Muhammed Aydin
Date Deposited: 09 Nov 2016 12:53
Last Modified: 09 Nov 2016 12:53
URI: http://etheses.whiterose.ac.uk/id/eprint/15396

You do not need to contact us to get a copy of this thesis. Please use the 'Download' link(s) above to get a copy.
You can contact us about this thesis. If you need to make a general enquiry, please see the Contact us page.

Actions (repository staff only: login required)