Abstract:
|
The Cloud computing paradigm is offering an innovative and promising vision concerning the Information and Communications Technology (ICT). Notwithstanding, the use
of Cloud resources, which usually are external assets to their consumers, implies risk issues that must be taken into account.
In this paper, we present a Cloud computing risk management approach aware of the Business-Level Objectives (BLOs) of a given Cloud organization. More to the point, we propose an innovatory SEmi-quantitative BLO-driven Cloud Risk Assessment (SEBCRA) as its core subprocess. In addition, we present, as a use case, a Cloud Service Provider (CSP) that is able to improve the achievement of a BLO, i.e. profit maximization, by managing, assessing, and treating Cloud risks. As demonstrated in the experimentation, this provider maximizes its profit by transferring risks of provisioning its private Cloud to third-party providers of Cloud infrastructures. |