A Scalable Approach to Joint Cyber Insurance and Security-as-a-Service Provisioning in Cloud Computing
The main aim of this project is to combined approach to security and cyber insurance provisioning in the cloud based resources.
In this paper, we present SECaaS in firewall-style to provide security policy enforcement and monitoring infrastructure for network traffic, which focuses on network traffic analysis like IDS (Intrusion Detection System) implementations to identify attack behaviors. And then relationship between cyber insurance and SECaaS provisioning, containing a customer who uses applications, which receive Internet traffic in the form of packets. These packets are scanned by services from SECaaS providers, provisioned by a subscription management process (SMP). In the event that harmful packets elude security, cyber insurers, subscribed to by an insurance management process (IMP), provide compensation for damages incurred. In this application run on customer machine that we assume to be Internet-accessible, either on a cloud service such as Amazon. Applications receive data packets in accordance with their operating purpose, e.g. email data or financial transactions. Legitimate packets are called safe packets, while packets used in cyber attacks are called unsafe packets. Unsafe packets are deemed handled if they are correctly detected by security services, or unhandled if they are not successfully processed (for example if they are undetected). These unhandled packets will cause damage, which incurs costs to the customer will refund the amount to insurance company and then IMP will refund the particular data cost to customer.