Article

VULCAN: Vulnerability Assessment Framework for Cloud Computing

Authors:

Patrick Kamongi,

Srujan Kotikela,

Krishna Kavi,

Mahadevan Gomathisankaran,

Anoop SinghalAuthors Info & Claims

SERE '13: Proceedings of the 2013 IEEE 7th International Conference on Software Security and Reliability

Pages 218 - 226

https://doi.org/10.1109/SERE.2013.31

Published: 18 June 2013 Publication History

Abstract

Assessing security of software services on Cloud is complex because the security depends on the vulnerability of infrastructure, platform and the software services. In many systems, the platform or the infrastructure on which the software will actually run may not be known or guaranteed. This implies that the security of the software service must be assured regardless of the underlying infrastructure or platform, requiring a large number of combinations. Another common trend in Cloud and Service oriented Architecture (SoA) environments is Service composition, whereby new services can be created rapidly by composing existing services. Once again, the component services must be tested for security levels on a large number of platform and infrastructure combinations. In this paper we propose a novel vulnerability assessment framework for cloud computing systems. We have designed and developed a prototype of our framework. We also present the design and development of our framework with some use cases.

Cited By

View all

Le TAli Babar M(2024)Mitigating Data Imbalance for Software Vulnerability Assessment: Does Data Augmentation Help?Proceedings of the 18th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement10.1145/3674805.3686674(119-130)Online publication date: 24-Oct-2024
https://dl.acm.org/doi/10.1145/3674805.3686674
Dissanayake NJayatilaka AZahedi MBabar M(2022)An Empirical Study of Automation in Software Security Patch ManagementProceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering10.1145/3551349.3556969(1-13)Online publication date: 10-Oct-2022
https://dl.acm.org/doi/10.1145/3551349.3556969
Khoda Parast FSindhav CNikam SIzadi Yekta HKent KHakak S(2022)Cloud computing securityComputers and Security10.1016/j.cose.2021.102580114:COnline publication date: 1-Mar-2022
https://dl.acm.org/doi/10.1016/j.cose.2021.102580
Show More Cited By

VULCAN: Vulnerability Assessment Framework for Cloud Computing
1. Social and professional topics
  1. Computing / technology policy
2. Software and its engineering
  1. Software organization and properties
    1. Software system structures

Recommendations

SAaaS: a cloud computing service model using semantic-based agent

Cloud computing, a common business model, provides cloud resources on demand to consumers over the Internet. However, because cloud computing lacks a uniform method of representing knowledge, which can offer customers a comprehensive solution for ...
Assessment and security issues in cloud computing services
PCI '15: Proceedings of the 19th Panhellenic Conference on Informatics

This paper focuses on the security level of some Cloud Computing services and the impact of each vulnerability on them, plus methods and directions to mitigate or fully eliminate the corresponding risks. It describes these vulnerabilities and explores ...
Ontological approach toward cybersecurity in cloud computing
SIN '10: Proceedings of the 3rd international conference on Security of information and networks

Widespread deployment of the Internet enabled building of an emerging IT delivery model, i.e., cloud computing. Albeit cloud computing-based services have rapidly developed, their security aspects are still at the initial stage of development. In order ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

SERE '13: Proceedings of the 2013 IEEE 7th International Conference on Software Security and Reliability

June 2013

245 pages

ISBN:9780769550213

Publisher

IEEE Computer Society

United States

Publication History

Published: 18 June 2013

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 14 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Le TAli Babar M(2024)Mitigating Data Imbalance for Software Vulnerability Assessment: Does Data Augmentation Help?Proceedings of the 18th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement10.1145/3674805.3686674(119-130)Online publication date: 24-Oct-2024
https://dl.acm.org/doi/10.1145/3674805.3686674
Dissanayake NJayatilaka AZahedi MBabar M(2022)An Empirical Study of Automation in Software Security Patch ManagementProceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering10.1145/3551349.3556969(1-13)Online publication date: 10-Oct-2022
https://dl.acm.org/doi/10.1145/3551349.3556969
Khoda Parast FSindhav CNikam SIzadi Yekta HKent KHakak S(2022)Cloud computing securityComputers and Security10.1016/j.cose.2021.102580114:COnline publication date: 1-Mar-2022
https://dl.acm.org/doi/10.1016/j.cose.2021.102580
Wu XZheng WChen XWang FMu D(2020)CVE-assisted large-scale security bug report dataset construction methodJournal of Systems and Software10.1016/j.jss.2019.110456160:COnline publication date: 1-Feb-2020
https://dl.acm.org/doi/10.1016/j.jss.2019.110456
Patil RModi C(2019)Designing an efficient framework for vulnerability assessment and patching (VAP) in virtual environment of cloud computingThe Journal of Supercomputing10.1007/s11227-018-2698-675:5(2862-2889)Online publication date: 1-May-2019
https://dl.acm.org/doi/10.1007/s11227-018-2698-6
Li RAbendroth DLin XGuo YBaek HEide ERicci RVan der Merwe JGhandeharizadeh SBalazinska MFreedman MBarahmand S(2015)PotassiumProceedings of the Sixth ACM Symposium on Cloud Computing10.1145/2806777.2806935(30-42)Online publication date: 27-Aug-2015
https://dl.acm.org/doi/10.1145/2806777.2806935
Stepanova TPechenkin ALavrova DMakarevich OPoet RElçi AGaur MOrgun MBabenko LFerdous SHo ALaxmi VPieprzyk J(2015)Ontology-based big data approach to automated penetration testing of large-scale heterogeneous systemsProceedings of the 8th International Conference on Security of Information and Networks10.1145/2799979.2799995(142-149)Online publication date: 8-Sep-2015
https://dl.acm.org/doi/10.1145/2799979.2799995

Abstract

Cited By

Recommendations

SAaaS: a cloud computing service model using semantic-based agent

Assessment and security issues in cloud computing services

Ontological approach toward cybersecurity in cloud computing

Comments

Information

Published In

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Share

Share this Publication link

Share on social media

Affiliations