DESIGN METHODOLOGY FOR SECURE CLOUD SYSTEMS

Abstract

Cloud computing popularity over traditional software and hardware has increased considerably over last decade. The on-demand, scalable, multi-tenant and measured service provisioning is making Cloud Computing and Services a hot favorite among not only industry big players but small to medium scale SMEs. As companies, customers and end users are moving their business and data to cloud, more concerns over Cloud Security is getting raised. As more and more software vulnerabilities are getting exploited by attackers and malicious users, huge cost is been spent in security attacks mitigation. This requires integration of security into application development lifecycle and adaptation of security related activities in software engineering practices and methodologies. In this thesis, we propose a Design Methodology using Security Engineering Framework that involves converting security requirement and threats into design decisions to mitigate identified vulnerabilities. A security design template is prepared considering various constraints and mitigation techniques that will help in later stages of design process.