A new BRB model for security-state assessment of cloud computing based on the impact of external and internal environments

Hang Wei, Guan Yu Hu, Zhi Jie Zhou, Pei Li Qiao, Zhi Guo Zhou, You Min Zhang

Research output: Contribution to journalArticle

3 Scopus citations


To predict the security state of cloud computing systems, a belief rule base (BRB) assessment model based on the impact of external and internal environments is proposed in this paper. The proposed BRB-based model includes two BRBs denoted as BRB_1 and BRB_2. BRB_1 is used to capture the relationship between the impact of external environment and the hidden behavior. BRB_2 is employed to construct the assessment model of hidden behavior with the impact of the internal environment as the observable data. The impact of the internal environment on the security state of a cloud computing system can be obtained by evidential reasoning (ER) rule with multiple indicators. Moreover, in the proposed BRB model, there are a few parameters whose initial values are usually provided by experts; these are not likely to be accurate and can result in inaccurate assessment. Therefore, an optimal algorithm for training the parameters of the assessment model is further proposed on the basis of the maximum likelihood (ML) algorithm. A case study of the security-state assessment of a cloud computing platform, wherein external attack and internal system events are used as the impact of the environment, is examined to demonstrate the potential applications of the proposed model.

Original languageEnglish (US)
Pages (from-to)207-218
Number of pages12
JournalComputers and Security
Publication statusPublished - Mar 1 2018



  • Belief rule base (BRB)
  • Cloud computing
  • External and internal environments
  • Hidden behavior assessment
  • Security state

ASJC Scopus subject areas

  • Computer Science(all)
  • Law

Cite this