Computing services that were traditionally hosted on organization’s private servers and networks are being outsourced to third party Cloud Service Providers (CSPs). Initial threat modeling on CSPs has concentrated on both the confidentiality (keeping data secret) and integrity (making sure the data has not changed) of data hosted in the public cloud. While these threats present real concerns, missing from threat models is the consideration of external threat sources that can affect the availability of Internet-facing cloud services. Availability in this context is not solely restricted to system downtime as a result of a Distributed Denial of Service (DDoS) attack, but also the long-term financial viability of being able to host services in the cloud due to Fraudulent Resource Consumption (FRC) attack.
Impact Factor
2022: 6.012
This work is licensed under a