A Novel Detection and Prevention (DAP) Framework for Abuse of cloud service threat

Abstract

Cloud security mitigation techniques has not reached the level of transparency and hence, the journey of understanding and accepting cloud computing services still remains uncharted for many organizations or individuals. While mitigation techniques for different security issues are actively being researched, however, there is still insignificancy in research on Abuse of Cloud Services threat, in particular. The threat has been identified as one of the top amongst nine by Cloud Security Alliance (CSA). The study proposes a Detection and Prevention (DAP) framework with fourteen major security measures for significant areas of concern in cloud business, operational and organizational. The key benefits of the framework are: it has improved the process of registration, resource allocation and asset inventory system. It has modeled an improvised human resource system for managing information processing facilities more efficiently, along with employee inventory system and malicious insider activity index. A universal cloud APIs process has been proposed to act as an integrator and decode service providers APIs to run business seamlessly. Furthermore, strategic plan for business continuity, disaster recovery and risk assessment processes have been proposed to define policies and procedures for running business during adverse circumstances. The security measures will be validated and evaluated with existing security infrastructure in cloud. The DAP framework is fully capable of providing better security preservation to the identified threat, which could be utilized for further development in cloud security infrastructure.