A new BRB model for security-state assessment of cloud computing based on the impact of external and internal environments

To predict the security state of cloud computing systems, a belief rule base (BRB) assessment model based on the impact of external and internal environments is proposed in this paper. The proposed BRB-based model includes two BRBs denoted as BRB_1 and BRB_2. BRB_1 is used to capture the relationship between the impact of external environment and the hidden behavior. BRB_2 is employed to construct the assessment model of hidden behavior with the impact of the internal environment as the observable data. The impact of the internal environment on the security state of a cloud computing system can be obtained by evidential reasoning (ER) rule with multiple indicators. Moreover, in the proposed BRB model, there are a few parameters whose initial values are usually provided by experts; these are not likely to be accurate and can result in inaccurate assessment. Therefore, an optimal algorithm for training the parameters of the assessment model is further proposed on the basis of the maximum likelihood (ML) algorithm. A case study of the security-state assessment of a cloud computing platform, wherein external attack and internal system events are used as the impact of the environment, is examined to demonstrate the potential applications of the proposed model.