Mean Failure Cost Extension Model towards Security Threats Assessment: A Cloud Computing Case Study

Abstract

The development of information technology leads to several kind of security threats which can cause different damages like financial losses. Security threat breaches affect specially the confidentiality, the integrity and the availability of a system. Indeed, as the environment continues to become more dynamic the process of making good security decisions is becoming more and more challenging. Hence, managers have to adopt successful policies and practices to prevent security breaches. They need to evaluate or assess security threats breaches. The main contributions of this paper is a new a quantitative analysis of information systems based threat classification approach. The proposed approach used threat classification to assess and evaluate threat impacts to develop strategies to mitigate the effects of threats classes on the system. The idea is to consider an average presence of threats in a class of threats in order to achieve a certain stability of this class in time. Then, we propose an approach that estimates the security of information systems.