Mohamed Almorsy

Learn More
Although the cloud computing model is considered to be a very promising internet-based computing platform, it results in a loss of security control over the cloud-hosted assets. This is due to the outsourcing of enterprise IT assets hosted on third-party cloud computing platforms. Moreover, the lack of security constraints in the Service Level Agreements(More)
The Infrastructure-as-a-Service (IaaS) cloud computing model has become a compelling computing solution with a proven ability to reduce costs and improve resource efficiency. Virtualization has a key role in supporting the IaaS model. However, virtualization also makes it a target for potent rootkits because of the loss of control problem over the hosted(More)
Multi-tenancy helps service providers to save costs, improve resource utilization, and reduce service customization and maintenance time by sharing of resources and services. On the other hand, supporting multi-tenancy adds more complexity to the shared application's required capabilities. Security is a key requirement that must be addressed when(More)
Adopting publicly accessible platforms such as cloud computing model to host IT systems has become a leading trend. Although this helps to minimize cost and increase availability and reachability of applications, it has serious implications on applications’ security. Hackers can easily exploit vulnerabilities in such publically accessible services. In(More)
Cloud computing is a new computational paradigm that offers an innovative business model for organizations to adopt IT without upfront investment. Despite the potential gains achieved from the cloud computing, the model security is still questionable which impacts the cloud model adoption. The security problem becomes more complicated under the cloud model(More)
Software-as-a-service (SaaS) multi-tenancy in cloud-based applications helps service providers to save cost, improve resource utilization, and reduce service customization and maintenance time. This is achieved by sharing of resources and service instances among multiple “tenants” of the cloud-hosted application. However, supporting multi-tenancy adds more(More)
Enterprise security management requires capturing different security and IT systems' details, analyzing and enforcing these security details, and improving employed security to meet new risks. Adopting structured models greatly helps in simplifying and organizing security specification and enforcement processes. However, existing security models are(More)
New security threats arise frequently and impact on enterprise software security requirements. However, most existing security engineering approaches focus on capturing and enforcing security requirements at design time. Many do not address how a system should be adapted to cope with new unanticipated security requirements that arise at runtime. We describe(More)
Reviewing software system architecture to pinpoint potential security flaws before proceeding with system development is a critical milestone in secure software development lifecycles. This includes identifying possible attacks or threat scenarios that target the system and may result in breaching of system security. Additionally we may also assess the(More)
Cloud computing introduces a new paradigm shift in service delivery models. However, the potential benefits reaped from the adoption of this model are threatened by public accessibility of the cloud-hosted services and sharing of resources. This increases the possibility of malicious service attacks. Existing cloud platforms do not provide a means to(More)