{"id":"https://openalex.org/W4402811962","doi":"https://doi.org/10.1109/csr61664.2024.10679395","title":"Third-party Cloud Risk Management","display_name":"Third-party Cloud Risk Management","publication_year":2024,"publication_date":"2024-09-02","ids":{"openalex":"https://openalex.org/W4402811962","doi":"https://doi.org/10.1109/csr61664.2024.10679395"},"language":"en","primary_location":{"id":"doi:10.1109/csr61664.2024.10679395","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/csr61664.2024.10679395","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5071804045","display_name":"Breno Silva Pinto","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Breno Silva Pinto","raw_affiliation_strings":["Research Engineering Tenchi Security,Bras&#x00ED;lia,Brazil"],"affiliations":[{"raw_affiliation_string":"Research Engineering Tenchi Security,Bras&#x00ED;lia,Brazil","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5107494408","display_name":"Lucas Cioffi","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Lucas Cioffi","raw_affiliation_strings":["Research Engineering Tenchi Security,S&#x00E3;o Paulo,Brazil"],"affiliations":[{"raw_affiliation_string":"Research Engineering Tenchi Security,S&#x00E3;o Paulo,Brazil","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5109788625","display_name":"Felipe Esp\u00f3sito","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Felipe Esp\u00f3sito","raw_affiliation_strings":["Research Engineering Tenchi Security,Rio de Janeiro,Brazil"],"affiliations":[{"raw_affiliation_string":"Research Engineering Tenchi Security,Rio de Janeiro,Brazil","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5071804045"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.7823,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.79126837,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"445","last_page":"451"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9585000276565552,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9585000276565552,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9577999711036682,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11891","display_name":"Big Data and Business Intelligence","score":0.95660001039505,"subfield":{"id":"https://openalex.org/subfields/1404","display_name":"Management Information Systems"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.6762000918388367},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6252846121788025},{"id":"https://openalex.org/keywords/risk-management","display_name":"Risk management","score":0.4475487172603607},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.43087872862815857},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.2314966320991516},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1293843388557434}],"concepts":[{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.6762000918388367},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6252846121788025},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.4475487172603607},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.43087872862815857},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.2314966320991516},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1293843388557434},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/csr61664.2024.10679395","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/csr61664.2024.10679395","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":10,"referenced_works":["https://openalex.org/W110814554","https://openalex.org/W1491856479","https://openalex.org/W2112995928","https://openalex.org/W2318224047","https://openalex.org/W2726910570","https://openalex.org/W2969293349","https://openalex.org/W3003257820","https://openalex.org/W3005102823","https://openalex.org/W3159979075","https://openalex.org/W4214938748"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W4244478748","https://openalex.org/W4223488648","https://openalex.org/W2134969820","https://openalex.org/W2251605416","https://openalex.org/W2560439919","https://openalex.org/W4389340727","https://openalex.org/W3150465815","https://openalex.org/W1997222214"],"abstract_inverted_index":{"Organizations":[0],"are":[1,18,135],"concerned":[2],"about":[3],"risks":[4,125],"within":[5],"the":[6,31,34,88,114,147,162,172,180],"supply-chain.":[7],"These":[8],"include":[9],"externally":[10],"managed":[11],"products,":[12],"services":[13],"and":[14,47,51,93,100,139,145],"connected":[15],"environments":[16],"that":[17,96],"implicitly":[19],"or":[20,112,123],"explicitly":[21],"trusted":[22],"and,":[23],"if":[24],"compromised,":[25],"may":[26],"be":[27,55,65],"used":[28],"to":[29,45,54,70,86,143],"harm":[30],"organization.":[32],"Managing":[33],"cybersecurity":[35],"risk":[36,79,148],"of":[37,116,127,149,168,174,182],"a":[38,42,77,137,150,175],"third-party's":[39],"environment":[40],"is":[41,106,171],"difficult":[43],"problem":[44],"solve,":[46],"requires":[48],"many":[49],"technological":[50,62],"business":[52],"aspects":[53],"in":[56,113,184],"place.":[57],"For":[58],"cloud":[59,91,151,185],"environments,":[60,75],"these":[61,74],"problems":[63],"can":[64,97],"overcome":[66],"by":[67],"using":[68],"APIs":[69],"collect":[71],"data":[72],"from":[73],"enabling":[76],"continuous":[78],"assessment":[80],"process.":[81],"Existing":[82],"methods":[83],"typically":[84],"fail":[85],"consider":[87],"connections":[89],"between":[90],"customers,":[92],"overlook":[94],"mechanisms":[95],"continually":[98],"measure":[99],"reduce":[101],"third-party":[102],"risks.":[103],"Risk":[104],"analysis":[105],"often":[107,119],"based":[108],"on":[109],"one-off":[110],"audits":[111],"use":[115],"questionnaires,":[117],"which":[118,153],"ends":[120],"up":[121],"transferring":[122],"accepting":[124],"instead":[126],"effectively":[128],"reducing":[129],"them.":[130],"In":[131],"this":[132,169],"study":[133],"we":[134],"proposing":[136],"simpler":[138],"automatable":[140],"quantitative":[141],"method":[142,177],"calculate":[144],"monitor":[146],"supply-chain,":[152],"takes":[154],"into":[155],"account":[156],"not":[157],"only":[158],"third-parties":[159],"but":[160],"also":[161],"first-party":[163],"itself.":[164],"An":[165],"additional":[166],"innovation":[167],"work":[170],"formalization":[173],"new":[176],"for":[178],"defining":[179],"severity":[181],"misconfigurations":[183],"environment.":[186]},"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2026-03-25T13:04:00.132906","created_date":"2025-10-10T00:00:00"}