Abstract
With the advent of cloud computing and wireless sensor networks, the number of cyberattacks has rapidly increased. Therefore, the proportionate security of networks has become a challenge for organizations. Information security advisors of organizations face difficult and complex decisions in the evaluation and selection of information security controls that permit the defense of their resources and assets. Information security controls must be selected based on an appropriate level of security. However, their selection needs intensive investigation regarding vulnerabilities, risks, and threats prevailing in the organization as well as consideration of the implementation, mitigation, and budgetary constraints of the organization. The goal of this paper was to improve the information security control analysis method by proposing a formalized approach, i.e., fuzzy Analytical Hierarchy Process (AHP). This approach was used to prioritize and select the most relevant set of information security controls to satisfy the information security requirements of an organization. We argue that the prioritization of the information security controls using fuzzy AHP leads to an efficient and cost-effective assessment and evaluation of information security controls for an organization in order to select the most appropriate ones. The proposed formalized approach and prioritization processes are based on International Organization for Standardization and the International Electrotechnical Commission (ISO/IEC) 27001:2013. But in practice, organizations may apply this approach to any information security baseline manual.
Highlights
Two evolving technologies, cloud computing and Wireless Sensor Networks (WSNs), have been integrated
Accurate selection of Information Security Controls (ISCs) and evaluation can help organizations in risk assessment exercises for their cloud networks integrated with wireless sensor networks
This paper presented a model to prioritize the ISCs of ISO/IEC 27002:2013 based on the Fuzzy Analytical Hierarchy Process (FAHP) to improve the efficiency of organizations in risk management
Summary
Two evolving technologies, cloud computing and Wireless Sensor Networks (WSNs), have been integrated. Wireless sensor networks have performed a great role in the field of information technology by enabling cloud organizations to strengthen their monitoring systems. Wireless sensor networks provide uninterrupted and distributed operations that are important in the field of cloud computing and conventional networks. Both technologies are opposite and cover each other’s drawbacks. The majority of organizations apply conventional network information security standards on WSNs. this study considered the same Information Security Controls (ISCs) for wireless sensor networks that are deployed for information security in cloud computing networks for evaluation and prioritization
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
