Nemesis: Automated Architecture for Threat Modeling and Risk Assessment for Cloud Computing

P. Kamongi, M. Gomathisankaran, K. Kavi
Cloud Computing, Threat Assessment, Security Ontology, Compliance, Security SLA

It is critical to ask and address the following type of questions, both as a cloud computing architect who has designed and deployed a public, or private, or hybrid cloud; or a user who benefits from available cloud services: What are the types of threats facing the cloud’s assets? Is there any scale to indicate the cloud’s assets threat level? Is there any metric to characterize critical vulnerabilities facing the cloud’s assets? In this paper, we present a novel automated architecture for threat modeling and risk assessment for cloud system called Nemesis, which address all the above and other related questions. With Nemesis, we use ontologies knowledge bases to model the threats and assess the risks of the given cloud system. To realize this feat, we built ontologies for vulnerabilities, defenses and attacks and automatically instantiate them to generate the Ontologies Knowledge Bases (OKBs). These OKBs capture the relationship between vulnerabilities, defenses mechanisms and attacks. We use the generated OKBs and Microsoft STRIDE model [7] to classify the threats and map them to relevant vulnerabilities. This is used together with the cloud configurations and the Bayesian threat probability model in assessing the risk. Apart from classifying the given cloud system’s threats and assessing its risk, we deliver two useful metrics to rank the severity of classified threat types and to evaluate exploitable vulnerabilities. In addition, we recommend an alternative cloud system’s configuration with a lower perceived risk, and mitigations techniques to counter classified threat types. For the proof of concept of our proposed architecture, we have designed an OpenStack’s [25] based cloud and deployed various services. Then, we evaluated our Nemesis, and presented our findings. Our proposed architecture can help evaluate the security threat level of any cloud computing configurations, and any configurations of shared technologies found in computing systems.

Publish Date: 
Sunday, December 14, 2014
6th ASE International Conference on Privacy, Security, Risk and Trust (PASSAT-2014)