Abstract
Cloud Computing is a new paradigm that provides software and hardware resources based on customers’ needs. However, data security remains a significant concern, acting as a major barrier to its widespread adoption. The objective of this work is to propose a process for assessing data risks in Cloud Computing. The process is based on fuzzy cognitive maps (FCMs) for qualitative reasoning. Risk assessment is a crucial aspect of Cloud Computing. Our proposed system involves three main steps based on expert knowledge. In the first step, a global FCM was built and validated to identify threats at the Cloud Computing level. Then the second step was devoted to calculate the consequences by inference using FCM Expert. The obtained results show that the FCM has a remarkable capacity to deal with the uncertainty of the data; by doing so, it becomes possible to model the real system more accurately. The last step is to simulate, analyze the results of the second step in Matlab Simulink and also develop recommendations to reduce the risks in order to improve and increase the security of Cloud data.
Keywords
Introduction
In recent years, the computer industry has witnessed the rise in popularity of a new paradigm known as Cloud Computing. Although the concept of Cloud Computing is not new and was first introduced by John McCarthy in 1960 [1], this paradigm has taken off 2002, mostly due to Amazon. As the Cloud had storage and processing capacity greater than his needs, Amazon decided to resell them. As of 2010, Cloud Computing has become the fastest growing segment among business applications and is on its way to becoming the norm for most businesses. Cloud Computing is the current trend that promises a major evolution in computing. Cloud users do not need any knowledge or experience related to the technology behind the services offered according to the IDC research firm “International Data Corporation” [2].
Cloud computing, like any other distributed computing system, is continuously exposed to various threats from numerous sources [3, 4]. Thus, cloud security is now a very important concern for providers and users [5, 6]. Therefore, Cloud Computing can only deliver on its promises with the assurance of a high level of security, accessibility and availability. However, security is often cited as the main barrier to Cloud Computing adoption [7]. The rapid development of this model has created a whole new range of security, and privacy issues, such as information degradation or loss, theft or unauthorized transfer of information, data localization, compliance and compliance maintenance, and issues with sharing technologies.
In the Cloud Computing environment, many researchers are interested in data security in the cloud, such as the research carried out in [1, 8–12]. Due to the importance of Cloud data, these researchers considered that it’s the main resource that must be protected in the cloud. They presented some of the techniques that can be used to protect data. In the cited work [12, 13]; a proposed scheme can be used to protect data stored in the cloud. Our work is based on a detailed study of data security in Cloud Computing. In addition, we propose a new system that allows the assessment of risks of the Cloud data in order to reduce these risks and ensure a higher level of protection.
The system being proposed is built on the qualitative reasoning of Fuzzy Cognitive Maps (FCM). FCMs are a modeling methodology based on the exploitation of knowledge and experience. In 1986, Kosko’s FCM methodology is one of the most significant qualitative soft computing methods [14], as an extension of a cognitive map. The FCM approach is a flexible computational method that provides a powerful and flexible framework for knowledge representation and reasoning and a practical tool for dynamic system modeling.
Like other traditional cognitive maps, FCM is a graph knowledge-based method that is made up of concepts and the causal relationships that connect them. The main difference between FCMs and other models is that FCMs use fuzzy sets to represent concepts, and fuzzy connections to describe their relationships. In other words, the inclusion of fuzzy feedback in the FCM structure offers the possibility of obtaining and modeling causal information. According to [15], FCM may be described by two features. The first one is a particular link between concepts of different intensities that are represented by uncertain fuzzy numbers. The second is system dynamicity, which refers to how the system evolves or changes over time. The main advantage of FCM lies in its ability to incorporate human knowledge and refine it through learning processes [16].
FCMs are an approach that uses both fuzzy logic and artificial neural networks to model complex systems. They are similar to recurrent neural networks and are often used for decision-making and prediction in various fields, including finance, engineering, and medicine. In other words, FCMs are a combination of fuzzy logic, expert systems, and neural networks that serve as a powerful tool for simulating and researching the dynamic behavior of complex systems. As a result, from an Artificial Intelligence (AI) perspective, FCMs can learn according to their dynamic structure. The FCM’s capacity to learn enhances both its computational behavior and structure [16–18].
FCMs have been applied in diverse domains including decision making, agricultural systems, environmental management, control systems, time series forecasting, psychology and behavioral science, classification, education, electrical and software engineering, political science, social science, medicine, engineering, robotics, information technology, and telecommunications, etc [15, 19–22]. These various works are the results of many characteristics it possesses. Among these characteristics, we mention qualitative modeling, ease of perception, high capacity to cope with uncertainties, capability to describe nonlinear and causal processes, flexibility, and explainability [21, 23].
The basic idea of this work is to leverage FCMs in Cloud Computing, particularly in Cloud data security. In the proposed system, the use of FCM qualitative reasoning ensures the coherence of partial decisions (for different threat classes) created during our risk assessment process. It enables us to understand the reasons behind past decisions by analyzing causality. Additionally, they allow us to predict future outcomes based on past data, providing solutions and recommendations to enhance cloud data security by reducing potential risks.
The utilization of FCM for Cloud data risk assessment provides the convenience of analyzing, monitoring, tracking, and predicting the security status of Cloud Computing. In this work, the graphical form of FCMs makes the results obtained more readable and understandable. Generally, Cloud experts aim to minimize the risks of Cloud data to guarantee the best security, which is made possible by developing a new process based on FCM.
In this paper, some fundamental aspects of Cloud Computing and security concerns are discussed. The paper also highlights various types of threats that have been documented in the literature and proposes a novel approach for assessing these threats using FCMs. Additionally, the paper provides an application example that has been integrated into the FCM Expert and MATLAB tool.
So, the principal objective of this paper is to present a new and alternative approach to Cloud data risk assessment through the proposed process. We provide a brief overview of related works in Cloud Computing and FCM domain in sections 2 and 3. In section 4, we will provide motivation and describe the proposed approach. The proposed approach will be implemented and illustrated by some examples in section 5. In section 6, we will present the experimental results. The execution scenario and validation will be shown in section 7. Finally, in section 8, we will conclude this work and provide some perspectives.
Cloud computing
Cloud Computing is considered the fifth generation of architecture. Although there are many definitions of Cloud Computing in the literature, there is one that is widely accepted as authoritative, which was issued by the National Institute of Standards and Technology (NIST) [5]. The NIST view of Cloud Computing is based on three service models, four deployment models, and five essential characteristics. The three service models defined by NIST are:
Generally, there are two key parts of the Cloud Computing model as presented in [25] a front-end, and a back-end. The front end is a representation of the side that users can see, such as the computer and programs. The cloud system is represented by the back end, which is not visible to consumers such the storage media and cloud servers. In addition to the previously mentioned components, the cloud environment is made up of the five layers shown in [10, 26]. These layers include the client layer, which is operated on laptops by cloud users to access cloud services; the application layer is a representation of cloud services and the apps that cloud customers utilize; platform layer which provides the cloud applications; infrastructure layer represents the cloud storage, databases, etc.; and the server layer.
In this paper, we will focus on threats that are likely to affect users in the private cloud, PaaS, and SaaS service models.
Security issues and top cloud computing threats
Although cloud computing offers many benefits such as cost savings, scalability, and ease of use, it also has some disadvantages. Cloud computing presents several technical challenges such as server misconfigurations, power outages, hardware failures, and overheating [25]. Due to the distributed and dynamic nature of the infrastructure, it is also vulnerable to a range of threats and difficulties. Security and privacy are among the main concerns and challenges facing cloud computing.
In [27], the results illustrate the main challenges related to cloud computing. Security has the highest percentage value (66%) compared to other challenges. Security concerns in cloud environments include threats to users such as malicious insiders, cloud service abuse, account hijacking, and denial of service attacks [26].
The Cloud Security Alliance (CSA) has released a report called “Top Threats to Cloud Computing,” which highlights the seven most significant threats to cloud computing [28]. These threats have been analyzed and classified into four categories, based on a comprehensive study [24, 29–34]: data threats (e.g. data loss, data breach), access threats (e.g. malicious insiders, account or service hijacking, weak identity and access management), threats specific to the cloud environment (e.g. insecure API, insufficient diligence, shared technological vulnerabilities, misuse of cloud services, system and application vulnerabilities) and network threats (e.g. advanced persistent threats (APT), denial of service).
Fuzzy Cognitive Mapping (FCM)
Hard computing methods are based on quantitative values, which can be expensive and may not accurately represent real-world situations due to uncertainties. On the other hand, soft computing techniques provide an alternative approach for tackling complex problems [35]. To achieve more robust and tractable solutions, soft computing techniques like fuzzy logic, neural networks, evolutionary algorithms or a combination of these are often implemented. A quantitative approach and a qualitative approach are the two methodologies used to model and analyze dynamic systems. Sometimes, modeling complex and nonlinear systems quantitatively can be difficult and expensive [36]. In contrast, the limitations described above do not exist in qualitative approaches [21]. In 1986, Kosko proposed FCMs as an expansion of cognitive maps, which are a type of important qualitative soft computing method. Researchers are very interested in FCM due to its strong capacity to solve complex and dynamic issues [37].
FCM is a method used to simulate complex real-world situations [14, 39]. It can handle both qualitative and quantitative inputs and outputs, making it possible to combine assessments of a problem that are based on both types of data [23, 40]. They can be used to represent different perspectives and draw conclusions about the values and beliefs of different individuals and groups, as well as reflect unique mental models of how the world operates [41].
Formalization of fuzzy cognitive maps
FCM is a tool that combines fuzzy logic with neural network techniques to handle uncertainties and complex characteristics of different systems. It is a type of cognition network that is developed by experts through an interactive procedure of knowledge acquisition [14, 43].
An FCM is a signed fuzzy weighted digraph that expresses causal relationships between ideas and information at different granularity levels [44]. It is made up of a collection of n linked nodes (C1, C2,..., Cn) that represent the variable concepts of the modeled system, such as inputs, outputs, states, and events. Signed weighted arcs are used to connect these nodes and define the causal relationships between them [15]. The dynamics of the model are illustrated by the interactions between these nodes (concepts). Generally, the edge weight Wij that connects two concepts Ci and Cj is given a value on the interval [–1, 1] to indicate three possible types of relationship [45]: positive causality (Wij > 0), negative causality (Wij < 0), or independence (Wij = 0) between the two nodes. The value of Wij indicates how strongly concept Ci influences concept Cj [46]. In a weight connection matrix Wn×n, the map is shown. Each row in the matrix represents the causal relationship between concept Ci and all other concepts in the map [44]. In a given iteration, the state vector A1×n denotes the present values of n concepts (nodes). Equation (1) is utilized to calculate the value of each concept by considering the impact of other concepts on the designated concept [46–48].
Where
Figure 1 shows an example FCM for the data threat class and its adjacency matrix. Ci is a concept with a state value. The state value can be represented as a fuzzy value between 0 and 1, indicating the degree of existence of a concept, or as a binary value of 0 or 1, indicating whether a concept is open or closed.

(a) An FCM proposed by Cloud Computing expert and (b) its adjacency matrix.
In the first rule mentioned, the function f () is used to limit the activation value of each concept within the allowed range. This function can take on various forms, such as bivalent, trivalent, hyperbolic tangent, or sigmoid, depending on the specific requirements of the system [49, 50].
Bivalent and trivalent are both discrete and produce a limited number of states. The sigmoid function and the hyperbolic tangent are both members of the continuous group and result in infinite states [21, 51]. According to a benchmarking research conducted by S. Bueno and J. L. Salmeron [49], the sigmoid activation function provides the best performance when compared to other functions.
The success of FCM modeling depends heavily on the methodology used for design and construction [39]. There are many main methods to develop an FCM, which depend on the system being modeled. These methods can be classified into three categories: development methods based on documents, methods based on experts, and methods based on calculation (automatic).
Although these approaches have several advantages, we are interested in this work in the first two categories, more particularly, in the method of construction of the FCMs based on the knowledge of the experts and the documents.
New extensions of FCM
In 2023, according to [81], authors obtained 23 papers proposing 24 extensions as a result of a detailed search. In this subsection, we present some previously proposed extensions of FCMs (in the last five years) that have been built on by new extensions.
Quantum FCM (QFCM)
In order to provide the facility for simultaneous static and dynamic analyses, a new training algorithm called the quantum FCM (QFCM) [75] is developed, which operates totally automatically. In the proposed algorithm, the quantum inspired evolutionary algorithm (QEA) and the particle swarm optimization algorithm are employed for generating static and dynamic analyses properties respectively. Instead of coding the presence and absence of links between concepts with 1 and 0, the QFCM models the probability of their existence or inexistence with a Q-bit, which is the smallest information unit in the QEA.
Interval type-2 FCM (IT2FCM)
In [76], authors have proposed a new Interval Type-2 (IT2) Fuzzy Cognitive Map (FCM)-based system for controlling the flight of quadcopters. This system addresses the problems of altitude, attitude and position control. The proposed system, which is identified as IT2-FCM, includes all the concepts related to drones that are necessary for proper path tracking and stabilizing control performance. The degree of mutual influence among the concepts has been designed using the input of domain experts who have taken into account the dynamics of drones and the rules governing proportional integral derivative (PID) controllers. To take into account the uncertainty that arises from the opinions of domain experts, IT2 fuzzy logic systems are employed, which are powerful tools for modeling high levels of uncertainty.
Neuro-Fuzzy Cognitive Map (NFCM)
A new model called NFCM, based on neuro-fuzzy inference system, was presented in [77]. This model has an advantage over FCM because it obtains the weights of connecting links by using a NFIS. By training this system, it adjusts the parameters of fuzzy rules. This means that in addition to the knowledge and experience of specialists, the NFCM also exploits the existing data to train the inference system for determining the rules and obtaining the weights. Therefore, NFCM is a suitable method for modeling uncertainty, hesitancy, or incomplete information in the considered field.
Related works
In recent years, Cloud Computing has attracted the attention of many researchers in different aspects. The security issue considered as a main issue in the Cloud Computing, especially Cloud data security. In 2013, security was the most significant issue in Cloud Computing, as noted by the authors in [52], accounting for 87% of the problems. In 2016, the authors of [27] stated that security was the highest priority, with a value of 66%. From a security perspective, several threats affect the domain of Cloud Computing. Improving cloud data security can be made easier by identifying the nature, level of impact, and purpose of potential threats, according to various researchers. For example, in 2010, the Cloud Security Alliance (CSA) identified the top threats to Cloud Computing. These included abuse and nefarious use of Cloud Computing, insecure interfaces and APIs, malicious insiders, data loss or leakage, account or service hijacking, and insecure interfaces and APIs. Twenty eight cloud security threats were found by the researchers and were grouped into five categories [53]: security standards, network, access control, cloud infrastructure, and data. Network, data, and specific threats to the cloud environment are the three categories into which the researchers divided the top threats to Cloud Computing [32]. In [10], the researchers discussed data breaches, data loss, account or service hijacking, insecure interfaces and APIs, denial-of-service, data location, and malicious insiders as top threats to Cloud Computing. Five different categories of threats were defined by the researchers in [54], whereas 26 threats were provided, together with potential challenges and suggested solutions [25]. Also in another work [24], the different threats are classified into four classes: data threats, access threats, threat specific to the Cloud environment and network threat.
In our work, we have developed a cloud data security risk assessment process based on the latest classification. This process is based on FCMs qualitative reasoning. Not many applications have used FCMs in Cloud Computing yet, but they have demonstrated their effectiveness in other areas: electrical circuits [55], political developments [56], virtual sea world of dolphins, shark and fish [57], organizational behavior and job satisfaction [58], economic demographics of world nations [59], qualitative simulation of construction performance [78], advanced medical decisions [79], the design game-based learning systems [80], business process performance measurement [81], medical and bioinformatics [82], flight control system for quadcopters [76], soft computing approaches for time series forecasting [83], classification of imbalanced data [84], and the cognitive radio networks [85]... etc.
We proposed a new system called
Towards a dynamic system to assess the cloud security risks
Cloud computing is a rapidly-changing and distributed environment where different entities from various domains need to collaborate dynamically, exchanging and sharing a large amount of personal information efficiently, transparently, and in a scalable manner. Additionally, these entities often interact with each other without prior knowledge.
In order to make data security more scalable and suitable, it is crucial to have dynamic and flexible security management between users and Cloud service providers. The challenge of ensuring the security of information and data in the Cloud persists due to the lack of a reliable security model that meets user requirements. This problem has been addressed in previous studies, but no effective solution has been found.
We have conducted a thorough analysis of the limitations of current security systems, and as a result, we have developed a new security system called SDFCM (Dynamic Security based on Fuzzy Cognitive Maps). This new system is based on FCMs to model data and assess potential risks. The choice to use this paradigm in security modeling was guided by the main interests of FCMs, which can be summarized as follows: FCM is a qualitative modeling tool used to represent human perception of complex systems in a simple way that all participants can understand. FCMs are well-suited for modeling safety uncertainty as they have a strong capability to handle imprecise, fuzzy, and unstructured information that is difficult to estimate experimentally. Opportunity to input qualitative estimates and output results with reliability and distribution, not just values data. Opportunity to formalize evaluation criteria and compare using “most,” “may,” “mostly” manipulations. Using FCMs, fast simulation of complex dynamic systems with a high degree of accuracy is now easily achievable. FCM is a dynamic modeling tool that induces cause-effect relationships and also the feedback mechanism, making it effective for capturing dynamic system behavior. FCM is an evolutionary modeling technique that allows evolving the global state of the cloud domain by increasing the number of concepts and causal relationships.
These different characteristics make FCMs more suitable for modeling security in complex and dynamic environments such as Cloud Computing. In our security system, FCMs are used to calculate the risk degree in the field of Cloud Computing. For example, a high degree of protection of a customer’s database ensures that their information is secure and trustworthy. While a low degree means that most (or all) of the criteria necessary to establish security are not met.
The proposed system describes the process of assessing data risks in the cloud. This process is the result of extensive research [24, 86]. The aim of our work is to propose a cloud risk assessment system using FCMs, a qualitative decision support tool.
Our DSFCM system is designed to ensure and enhance cloud security through three main steps. The first step involves identifying various threats that may exist at the Cloud Computing level. The second step involves calculating the consequences of these threats. Finally, in the last step, we will provide recommendations to reduce the risks. In the following sections, we will elaborate on each step in detail.
Identifying cloud computing threats
The most crucial step in our cloud data risk assessment system is threat identification (as shown in Fig. 2). In this step, we conducted a thorough and specific search to identify the various threats documented in the literature. We also created the relevant FCMs associated to each threat class.

Architecture of the first step in the risk assessment process.
In this section, we are based on the most critical threats that exist in Cloud Computing as presented by Cloud Security Alliance and others [24, 30–34]. These threats are classified into four types in this study: data threats, access threats, threat specific to the Cloud environment and network threat.
Construction of the associated FCM
Our research involves the use of FCM theory. It is a type of graph where the nodes are fuzzy sets, and the directed edges of the graph represent causal relationships between the factors. The edges also determine the degree of influence connected to each factor, which is measured as weights. The weight of an edge is either a number from the interval [–1, 1] or a linguistic scale value such as {Low, Medium, High}. These values characterize the strength of influence relevant to the connection or degree of reliance on the presence of this connection.
The methods of analysis used in FCM operations involve the application of fuzzy mathematics. The following is the most commonly used approach for calculating fuzzy influence: suppose that between factors f
i
and f
j
there are m paths, and I
r
(f
i
, f
j
) denotes influence of f
i
on f
j
along r path, and T(f
i
, f
j
) aggregate influence of f
i
on f
j
along all m paths. Then:
Where wp,p + 1 is the weight of oriented graph of fp on fp +1 along the r path. Thereby Ir(fi, fj) highlights the most weak connection of fi on fj along r path (2), and T(fi, fj) highlights the most strong connection in Ir (fi, fj) (3). In our approach, the strongest connections in Ir (fi, fj) will correspond to probability of threat realization.
As previously mentioned, our security model relies on FCMs to evaluate and mitigate risks associated with Cloud Computing. FCMs are particularly adept at handling security uncertainty in complex systems like the Cloud and are capable of dynamically representing system behavior. There are various techniques employed for building and designing FCMs [60]. These methods can be classified into two categories; deductive methods and inductive or automatic methods. Deductive methods rely on human expertise and domain knowledge, while inductive methods use historical data from a given system to build a FCM model [14].
In our system, we will use a deductive modeling method because our work is based on documents and results from expert knowledge. This step consists of two sub-steps: identification of key security concepts and causal relationships between them.
a. Concepts (threats)
The FCM is modeled as a directed graph labeled G(C, E) where:
In compliance with recent studies [24, 86] and the opinion of many domain experts, we have identified a set of threats (concepts) that can cause significant damage to an organization’s data, assets, profitability, and reputation. The most important concept list is presented in Table 1.
The list of FCM concepts associated to our system
b. Causal relationships
The second step to building the FCM consists of determining the influence and the degree of influence of a concept on another concept [39]. The notation of causal relationships is E = {eij |i, j ∈ C, E ⊆ C× C}. E is a set of arcs representing the causal links between the nodes of the graph. So, every arc eij ∈ E represents a one-way causal relation directed from concept Ci to concept Cj, such that Ci and Cj ∈ C. Each arc eij is assigned a weight wij ∈ [–1, 1], which expresses the degree of value correlation of the concept Ci to the value of the concept Cj. In FCMs, the weight Wij can indicate a positive relationship Wij > 0, negative Wij < 0 or no relationship between the concepts Ci and Cj (Wij = 0).
In general, the weights values that correspond to the causal relations between the concepts have an imprecise or uncertain nature and it is difficult to represent them precisely with a mathematical model. In this context, the use of fuzzy logic to express these causal relationships seems more appropriate, as it deals with inaccurate and ambiguous information [61]. Moreover, it allows an element to belong to a set with membership degrees included in the continuous real interval [0, 1], rather than overall {0, 1}. Using this approach, Cloud domain experts can describe the degree of influence of one concept on another by linguistic variables of the set T (influence):
T(influence) = {Very Strong Negative (VSN), Strong Negative (SN), Medium negative (MN), Weak Negative (WN), Zero (Z), Weak Positive (WP), Medium Positive (MP), Strong Positive (SP), Very Strong Positive (VSP)}.
The nine linguistic variables represent the three possible types of influence of one concept on another in FCMs; positive, negative or no influence in the interval U = [–1, 1]. For example, the very strong negative variable (VSN) means “a negative influence less than –75% ”, the variable Zero (Z) means “no influence”, the very strong positive variable (VSP) means “a positive influence greater than 75% ”, etc... In our work, experts do not have to assign numerical values to causal relationships but describe the degree of causality between concepts linguistically. Each expert estimates the values of the causal links between the concepts using the linguistic variables of the set T. Then, all linguistic values proposed for the same weight Wij, are combined using the SUM operator of fuzzy logic and a global linguistic value is produced. At the end of this step, the center-of-gravity (CoG) defuzzification method is used to calculate the numerical value of Wij that belongs to the interval [–1,+1] from the global linguistic value obtained [11].
Figure 3. The membership functions of triangular form which corresponds to the linguistic variables of the set T.

shows the membership functions of triangular form which corresponds to the linguistic variables of the set T.
In the proposed system, we have based on the opinion of three Cloud domain experts. These experts are invited to build the FCM associated to each class of threats. The fusion of the three developed FCMs is made in order to obtain an FCM modeling each class of threats. The main purpose is to get more accurate results. To understand the process of FCM fusion, e.g. experts (1, 2, 3) propose the respective linguistic values SP, VSP and SP for the same weight Wij, these linguistic variables (SP, VSP and SP) are summed up and an global linguistic weight is produced. Then, using the CoG method, the global linguistic value is transformed to the numerical value 0.79, as shown in Fig. 4. Using this approach, the weight matrices (connections) can be constructed after determining all the weights of the causal relationships. Finally, note that for each Wij ∈ Wn×n, if i = j, then Wij = 0, because we suppose that no concept can influence itself.

Aggregation of the three linguistic variables (SP, VSP and SP) using the SUM operator of fuzzy logic.
In our work and according to the detailed study on the various threats that exist at the level of Cloud Computing. We have associated to each class of threats an FCM that allows describing the different causes or the different specific elementary threats. The four resulting FCMs are combined into a global FCM describing all threats in Cloud Computing. The objective of modeling each class of threat alone is to obtain more accurate, realistic, and logical results. To also facilitate the follow-up of the inference process to arrive at the best recommendations that reduces these threats.
Once the step of constructing the different FCMs is finished, we continue with the step of calculating the consequences (Fig. 5). This step consists of the inference process execution. A very important step before performing this process is to transform each FCM to a matrix form. This form makes it easier to manipulate FCMs in order to apply the inference process.

Architecture of the second step of the proposed process.
The inference process used in our work is the same as presented in [37, 63]. Except in the threshold function, we used the sigmoid function. The following algorithm summarizes this inference process.
The proposed risk assessment process produces recommendations for reducing risks and using cloud services, which are generated by the information-analytical system. Along with these recommendations, the output includes the levels of general and individual risks for each concept that corresponds to a specific object on cloud computing security issues. This information can be used to further ensure the information security of the organization.
Therefore, in this last step, a global knowledge base of the Cloud domain is built by inferring all possible scenarios, that is, see what will happen if any possible combination of concepts is activated. Therefore, according to the data entered and the possible scenarios, we will deduce and elaborate our recommendations, and also the possible solutions whose aim is to reduce the risks of the Cloud data in order to increase the security degree. The detail and application of this step is shown in the next section.
System testing and results
In this section, we describe the main functionality of the system by presenting the three principal steps as they were described in section 5. In our work, in order to FCMs construction, also inference process execution, we used the FCM Expert tool. In addition, to make simulations, Matlab Simulink is also used.
Identifying cloud computing threats
The first step is devoted to the FCMs construction used in our system. We based on the threat classification proposed in [24]. This classification makes it possible to group the various threats into four classes. Each class is modeled by a FCM under the FCM Expert platform. The fusion of these different FCMs is a global FCM representing all the existing threats in our field of application which is Cloud Computing.
To fully understand the operation of our system and according to the opinions of experts in the cloud domain, we limit the concepts representing the different classes to the first fourteen concepts shown in Table 1 to facilitate monitoring of the proposed approach to assess the risks of Cloud data.
In order to have a global view of the data risks, a combination of all the FCMs of these threats is made. The result is a global FCM using the “Augmented Topology” function in FCM Expert. Figure 6 shows the global FCM.

Result of the inference process execution on the global FCM.
In this step, we will calculate the consequences of our security model by inference process execution. Our experiments are based on practical examples. In each scenario, a combination of concepts (threats) is activated.
In the proposed system, the global state of the cloud security is shown by the inference process execution on the global FCM and also by analyzing the obtained results (Fig. 6).
The summary of the implementation of the inference mechanism is as follows; firstly, the FCM starts and sets the activation level of each node to a specific threshold function. Secondly, the nodes start interacting with each other by multiplying the matrix between the state vector (ai) and the edge weights (Wij). This interaction continues until the system reaches a stabilized state, limit cycle or chaotic behavior. In the stabilized state, the concept node values fluctuate in the initial iteration (transient state), but they stabilize when the constant point equilibrium (steady state) is reached.
According to the results presented in the previous figure, we can see that the security degree changes when the value of the activated concepts is changed. For example, availability is increased when encryption is increased, but in the same time a decrease in data risk, data loss and data breach is observed, and this is due to increased network security, encryption, and access control and identity management. Throughout the inference process execution, the value of the concepts is increased or decreased until a stable phase of our system describing the global state of the Cloud security.
Elaborate recommendations to reduce risks
The development of recommendations (Fig. 7) is the most important step in our system. The different typical behaviors are transformed to a rule base. In other words, it is simulating the inference results of the FCM Expert platform for each threat. We chose a Mamdani type fuzzy inference system with input and output variables.

Architecture of the third step.
Mamdani fuzzy inference is a method to create a control system by synthesizing a set of linguistic control rules obtained from experienced human operators. In a Mamdani system, the output of each rule is a fuzzy set. Mamdani systems have more intuitive and easier to understand rule bases, they are well-suited to expert system applications such is the case in our domain.
For a better simulation of our system, we modeled the inference of all classes of threats: data threat, threat specific to the Cloud environment, access threat, and network threat. Each threat class has its own set of variables.
In our work, we modeled the inference process in FCMs by the inference system under Matlab Simulink to transform the inference results into more logical results for non-specialists. In the following sections, we show the main steps to building each inference system of each threat class.
•Fuzzification of input variables
The variables vary in an interval (according to the inference table under FCM Expert). According to our needs, we have chosen a domain of variation [–1, 1], and nine triangular type membership functions are laquoVSN [–1, –0.75], SN [–1, –0.5], MN [–0.75, –0.25], WN [–0.5, 0], Z [–0.25, 0.25], WP [0, 0.5], MP [0.25, 0.75], SP [0.5, 1], VSP [0.75, 1]raquo.
•Fuzzification of output variables
We have chosen a domain of variation [0, 1], and five membership functions of triangular type are laquoZ [0, 0.25], WP [0, 0.5], MP [0.25, 0.75], SP [0.5, 1], VSP [0.75, 1]raquo with two parameters.
•Inference rules
The manipulation of symbolic and logical rules has made possible one of the great successes of artificial intelligence. Their objective is, through the manipulation of a large number of rules, to make a judgment on a problem in a specific domain.
•Defuzzification of output variables
The results obtained using the fuzzy logic rules explain each rule and the changes that occur in its domain.
According to these obtained results, the final stage of the risk assessment process involves creating a list of recommendations for reducing the risk level. After a detailed analysis of these results with domain experts, a set of recommended actions for risk reduction is developed. The recommendations are then prioritized, and instructions are provided for eliminating any consequences in case the threat is realized.
Execution scenario and validation
Execution scenario
To fully understand the proposed approach, to clarify, and simplify the system developed, we have chosen the class of data threats as an application example.
Identifying cloud computing threats
The FCM associated to this class of threats is shown in Fig. 8. (a). The initial FCM is created according to the views of the Cloud domain experts.

(a): Activation of concepts, (b): Result of the inference process execution for data threats.
In this step, we launched the inference process (Fig. 8 (b)), several iterations were performed. The final values of the concept activation vectors are used to represent the different recommendations. In our work, we use the Sigmoid function with a threshold of “0.5” (Fig. 8 (a)) in order to represent the different levels of risk. High values make it possible to judge this entity worthy of security and thus make the decision to recommend it. However, values those are close to or below zero mean that most or all risks are declining (is the principal aim of our work).
In the inference process execution above, the results show that at each step of activation of the different concepts (threats), there is an increase or decrease in the values of these concepts. This shows that there are strong causal relationships between the different threats. The following figure (Fig. 9) shows the associated table to the inference process under FCM Expert.

Associated table to the inference process.
We can summarize these results as follows: when the value of the concepts (C1: availability = 0.8383, C2: security model = 0.679, C3: network security = 0.8944, C5: database security = 0.7567) is increased, the value of the other concepts is decreased (C6: data loss = 0.2897, C8: network attacks = 0.3192). So, according to this scenario, we can deduce that to increase the security of cloud data, we must increase availability (C1), create a more secure model (C2), increase network security (C3), and database security (C5). Also, it is necessary to control the data (C6) and take measures to mitigate network attacks (C8).
To simulate our work, we chose a fuzzy inference system for the Mamdani type data threat class.
It is essential to define membership functions for both input and output parameters. A membership function (MF) is a fuzzy set that extends the indicator function in classical sets and represents the degree of truth as a valuation extension. An MF (x)=0 indicates the absence of membership, while MF (x)=1 represents a full membership.
In this step, after the fuzzification of the input variables: “Network Security, Database Protection, Encryption, Security Model” and also the fuzzification of the output variable: “Availability, Network Attacks, Data Loss”, we pass to the step of building the inference rules. The latter are of if...then type.
It is necessary to specify a set of rules in the form: IF-THEN. For example, in our case: if “Network Security” is “VSP”, and “security model” is “VSP”, and/or “database security” is “SP”, then “data loss” is “SN”; if “Network Security” is “SP”, and “security model” is “SP”, and/or “database security” is “VSP”, then “data loss” is “SN” and “Network Attacks” is “MN”; if “network security” is “VSN”, and “Encryption ” is “SN”, and/or “security model” is “SN”, then “data loss” is “SP” and “availability ” is “SN”; if “Encryption ” is “SN”, and “security model” is “VSN”, and/or “database security” is “SN”, then “data loss” is “SP” and “Network Attacks” is “MN”;
To understand the inference rules, we suppose the following example under Matlab:
16. If (Network_Security is VSP) and (Database_Protection is VSP) and (Encryption is VSP) then (Availability is VSP) (Network_Attacks is Z) (Data_Loss is WP).
This rule means: if the value of network security is very strong positive [0.75, 1], database protection is very positive strong [0.75, 1], and also encryption is very strong positive [0.75, 1] then the value of availability is very strong [0.75, 1], network attacks are zero (very small [–0.25, 0.25]), and data loss is weak positive [0, 0.5].
The last step is the defuzzification of the output variables which are availability, network attacks, data loss. At the data threat class level, Fig. 10 shows the results obtained from this defuzzification for the given practical example.
According to the results obtained in Fig. 10, we observed that the security of the Cloud context varies with changes to input variables. In particular, when the value of the network security (0.75), encryption (0.75), and database protection (0.63) concepts increases, then the availability (0.805) of other services increases, and the value of network attacks (0.25) and data loss (0.356) is decreased until a stable phase of the system. Based on our evaluation model, data security can be affected by various factors, including encryption, database protection, and network security. For instance, to minimize network attacks, it is recommended to enhance the degree of encryption, monitor the protection of databases, and implement additional measures to improve network security.

Defuzzification of output variables.
In the global FCM obtained, we have
According to the characteristics of Cloud Computing, privacy and data security are crucial. For this, there are many research works are available in this domain [64, 65]. Approaches, models and techniques are proposed to protect data [10, 66]. For example, in [67], the authors proposed the concept of a digital signature with RSA algorithm to encrypt the data before transmitting it over the network. By using anonymization techniques, this technique solves the problem of authentication and security. In 2012, the contribution in [68], is devoted to the proposal of a multi-level authentication system aimed at enhancing security in financial transactions. Also, [69] suggested a method using the RSA algorithm for authentication and secure data transfer. This method involves a key generation phase, encryption and decryption. In 2013, a method using message authentication code is proposed in which the cryptographic key, the message and the hash function are concatenated together to provide authentication [70]. In 2014, Satish and Anita [71] proposed a fake screen method to provide two-level authentication in Cloud Computing. Also [64] proposed a technique for data security in the cloud by combining the different mechanisms, namely: multi-factor authentication by one-time password and authentication code of a cryptographic message fingerprint with a key. Balasaraswathi and Manikandan [72] provided a multiple cloud architecture based on encrypted data partitioning with a dynamic approach to secure information in transit or left over. Other works [72–74], also propose the combination of Cloud Computing and network security. These various works and others [10, 66] address the problem of secure data transfer across the network. These approaches focus mainly on authentication parameters. Indeed, data in transit to the cloud can be attacked by various unauthorized interceptors. So, one particular method is not enough to deal with all data security and privacy issues. For this, the main objective of our work is to develop a standard and optimal solution to assess any type of risk, estimate the degree of their impact and predict solutions in order to reduce them to increase Cloud security. This is achieved by our contribution. Our contribution is the result of the combination of the Cloud domain with the decision support tool named fuzzy cognitive maps (FCMs).
Closer to our work, Huang [12] proposes the design of an information security risk assessment process in Cloud by constructing the attack and defense game model of malicious attacker and defender in Cloud Computing. In this work, the author proposes a process without implementation. But in our work, we have proposed a Cloud data risk assessment process based on the qualitative reasoning of FCMs with implementation. The basic idea of the first work is when a threat occurs; it is suggested to apply a defense technique. This implies the possibility of reaching the serious state of Cloud security in case of a wrong risk assessment. But in our work, the global state of cloud security is always shown and modeled using the graphical representation of FCMs. In case there is an increase in these threats, recommendations are introduced to propose better solutions (with the presence of Cloud experts). Therefore, with each update of the global FCM describing the state of cloud security, new recommendations are developed to reduce the degree of activated threats to improve cloud security.
So, the proposed system DSFCM allows identifying, combining risks, understanding them and also making a prediction of the level of any threat. The different experiences show that the DSFCM has a great ability to represent the knowledge, experiences of Cloud experts, their hesitations, and its great ability to deal with data uncertainty. It also makes the risk assessment process more reasonable. In addition, the various DSFCM recommendations allow cloud experts to choose an optimistic decision to reduce data risk, which improves and increasing the ability to ensure cloud security.
Conclusion
This article aims to propose and develop a new Cloud data risk assessment system based on FCM that will help experts in the Cloud Computing field to decide the right recommendations to improve and guarantee the cloud data security. Our system is used to receive the Cloud data security status as the current status of the Cloud Computing platform in the form of FCM. This last is considered as one of the most effective artificial intelligence modeling methods. Indeed, this type of qualitative modeling tools has shown their ability to model uncertainty in complex systems through many previous studies and it seemed appropriate to experiment with them to model security in a complex and dynamic environment which is Cloud Computing. In our work, to elaborate the key concepts and the causal relations of the developed FCMs, we based on the opinion of three Cloud experts and the data of some previous works.
The application of the proposed approach is a new system named DSFCM. This consists of three main steps. The first step is devoted to the identification of threats. In this step, we have identified the different criteria that can influence the level of security for each threat. Also, the FCM for each class of threats is constructed with the degrees of influence between these concepts. The second step is devoted to the calculation of the consequences of these threats, using the FCM Expert platform for the inference process execution. In the last step, a simulation of threats under the MATLAB platform is made, using the fuzzy inference system to develop the various recommendations to reduce the risks of the data in order to ensure good distributed security management and guarantee better traceability of the behavior of the members of the system.
The result of combining FCMs and the Cloud Computing domain is our new system (DSFCM). This system offers the following advantages: In Cloud Computing risk assessment, how to quantify the probability of risk is one of the most important issues; solving this problem is the main objective of our system; Simple to use; by transforming the initial point of view concerning the state of cloud security into causal graphs, a cloud expert without technical training can easily understand the degrees of all threats and their relationship between them; The integration of the qualitative reasoning of the FCM in our system allows to significantly reduce the loss of time of the Cloud Computing experts during the description of their opinion concerning the Cloud security state; Allows the simulation and prediction of the Cloud data security state by determining and evaluating the most critical threats in order to propose recommendations to reduce them, improve and guarantee cloud security; Efficiency and accuracy in the decision-making of cloud domain experts grace to better information using the FCM inferred in our system, representing the global state of Cloud security; Improved the quality of Cloud Computing services by monitoring the state of cloud data security using FCM’s process inference.
In order to improve our system, we propose in the future to perform the following tasks: One of the limitations of the FCM Expert platform is to require the use of ratings (C1, C2, etc.), which makes it difficult to analyze the results obtained more precisely. In this context we propose to add an option to directly write the concepts relating to the domain to be modeled. In the developed system, we proposed to transfer the typical behaviors under FCM Expert into inference rules under Matlab manually. We propose to assign an initial program allowing the automatic performance of this transformation. Propose to integrate a logical translator which transforms the logical rules of the (FIS) in the last step of our system into simple and understandable sentences and recommendations for non-specialists. In the future, we hope to use and apply the third method of creating FCMs (automatic methods) which is based on learning algorithms. The latter exploit different sources such as historical data of a given system to establish a more realistic global FCM.
