ABSTRACT
Cloud technology is one of the most evolving technologies where many organizations, nowadays, migrate the on-premises data center to the cloud, and so are the new entrepreneurs. Consequently, the risk assessment of cloud security has a massive impact on identifying and mitigating threats, vulnerabilities, and monitoring and helps the organization’s business run securely in the cloud. To secure cloud services, cloud security is a collection of security measures designed for protecting cloud-based infrastructure, applications, and data. In this chapter, we have reviewed two risk assessment models and three risk management frameworks for the existing and non-existing cloud users. Our analysis mainly revolves around two questions: whether a framework effectively addresses both phases of risk management (risk assessment and risk treatment) and whether a framework enables the cloud service provider and the customer to efficiently assess as well as mitigate cloud security risks. We have identified a few discrepancies involving the models and frameworks. We have also suggested some improvements and future research directions.
