Ciência-IUL Publicações Descrição Detalhada da Publicação Exportar

Exportar Publicação

A publicação pode ser exportada nos seguintes formatos: referência da APA (American Psychological Association), referência do IEEE (Institute of Electrical and Electronics Engineers), BibTeX e RIS.

Exportar Referência (APA)

Zhao, T., Lechner, U., Pinto-Albuquerque, M. & Ata, E. (2022). Cloud of assets and threats: A playful method to raise awareness for cloud security in industry. In Simões, A., and Silva, J. C. (Ed.), OpenAccess Series in Informatics. Barcelos: Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing.

Exportar Referência (IEEE)

T. Zhao et al.,  "Cloud of assets and threats: A playful method to raise awareness for cloud security in industry", in OpenAccess Series in Informatics, Simões, A., and Silva, J. C., Ed., Barcelos, Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing, 2022, vol. 102

Exportar BibTeX

@inproceedings{zhao2022_1714685202720,
	author = "Zhao, T. and Lechner, U. and Pinto-Albuquerque, M. and Ata, E.",
	title = "Cloud of assets and threats: A playful method to raise awareness for cloud security in industry",
	booktitle = "OpenAccess Series in Informatics",
	year = "2022",
	editor = "Simões, A., and Silva, J. C.",
	volume = "102",
	number = "",
	series = "",
	doi = "10.4230/OASIcs.ICPEC.2022.6",
	publisher = "Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing",
	address = "Barcelos",
	organization = "Polytechnic Institute of Cávado and Ave (IPCA)",
	url = "https://drops.dagstuhl.de/opus/portals/oasics/index.php?semnr=16244"
}

Exportar RIS

TY - CPAPER
TI - Cloud of assets and threats: A playful method to raise awareness for cloud security in industry
T2 - OpenAccess Series in Informatics
VL - 102
AU - Zhao, T.
AU - Lechner, U.
AU - Pinto-Albuquerque, M.
AU - Ata, E.
PY - 2022
DO - 10.4230/OASIcs.ICPEC.2022.6
CY - Barcelos
UR - https://drops.dagstuhl.de/opus/portals/oasics/index.php?semnr=16244
AB - Cloud computing has become a convenient technology widely used in industry, providing profit and flexibility to companies. Many enterprises embrace cloud service by migrating their products and solutions from on-premise to cloud environments. Cloud assets and applications are vulnerable to security challenges if not adequately protected. Regulations, standards and guidelines aim to enforce
cloud security controls in the industry and practitioners need training to raise awareness of cloud security issues and learn about the defense mechanisms and controls. We propose a serious game Cloud of Assets and Threats (CAT) for enhancing cloud security awareness of industrial practitioners.
This study extends first results of applying such a serious game in industry [25] and refines its design in two iterations. In the first design iteration, we implemented a digital game platform with six attack scenarios and developed a new player versus environment gaming mode. In the second design
iteration, we adjusted the attack scenarios and introduced different difficulty levels for the scenarios. We present, analyse, and discuss the game events. We conclude that CAT is a promising method to raise awareness for cloud security in the industry.
ER -