We contend that the way that cloud computing should
be assessed, is the same as the way cloud computing is
delivered: as a service. Indeed, the same characteristics
of the cloud that makes it hard to assess with existing
tools, also make it easy to assess with new ones,
especially the metering that is already built in for billing
and service-level assurance.
Risk assessment as a service is a new paradigm for
measuring risk as an autonomic method that follows
the on-demand, automated, multi-tenant architecture
of the cloud – a way to get a continuous “risk
score” of the cloud environment with respect to a given
tenant, a specific application, or more generally, for use
by new tenants and applications.
Wayne describes the process of bringing a paper from the basis of his Doctorial Thesis to presentation here. I like his description of Dr. Kaliski a “person who can write a paragraph faster than I can read one.”
You can read the entire paper here or see it presented at the Usenix HotCloud Workshop at the end of this month.
