VULCAN: Vulnerability Assessment Framework for Cloud Computing
作者: Patrick Kamongi , Srujan Kotikela , Krishna Kavi , Mahadevan Gomathisankaran , Anoop Singhal
DOI: 10.1109/SERE.2013.31
关键词:
摘要: Assessing security of software services on Cloud is complex because the depends vulnerability infrastructure, platform and services. In many systems, or infrastructure which will actually run may not be known guaranteed. This implies that service must assured regardless underlying platform, requiring a large number combinations. Another common trend in Service oriented Architecture (SoA) environments composition, whereby new can created rapidly by composing existing Once again, component tested for levels this paper we propose novel assessment framework cloud computing systems. We have designed developed prototype our framework. also present design development with some use cases.
sci-hub.se 参考文章(11)
Timothy Vidas, Nicolas Christin, Daniel Votipka, All your droid are belong to us: a survey of current android attacks WOOT'11 Proceedings of the 5th USENIX conference on Offensive technologies. pp. 10- 10 ,(2011)
Pascal Meunier, Classes of Vulnerabilities and Attacks Wiley Handbook of Science and Technology for Homeland Security. pp. 1- 18 ,(2008) , 10.1002/9780470087923.HHS421
Sahar A. Mokhtar, Nora Yahia, AbdelWahab Ahmed, Automatic Generation of OWL Ontology from XML Data Source arXiv: Digital Libraries. ,(2012)
Anoop Singhal, Duminda Wijesekera, Ontologies for modeling enterprise level security metrics cyber security and information intelligence research workshop. pp. 58- ,(2010) , 10.1145/1852666.1852731
Ju An Wang, Minzhe Guo, Hao Wang, Min Xia, Linfeng Zhou, Ontology-based security assessment for software products Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research Cyber Security and Information Intelligence Challenges and Strategies - CSIIRW '09. pp. 15- ,(2009) , 10.1145/1558607.1558625
Ju An Wang, Minzhe Guo, OVM Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research Cyber Security and Information Intelligence Challenges and Strategies - CSIIRW '09. pp. 34- ,(2009) , 10.1145/1558607.1558646
Raymond Paul, I-Ling Yen, Farokh Bastani, Jing Dong, Wei-Tek Tsai, Krishna Kavi, Arif Ghafoor, Jaideep Srivastava, An Ontology-Based Integrated Assessment Framework for High-Assurance Systems ieee international conference semantic computing. pp. 386- 393 ,(2008) , 10.1109/ICSC.2008.46
Aaron Steele, Ontological Vulnerability Assessment Web Information Systems Engineering – WISE 2008 Workshops. pp. 24- 35 ,(2008) , 10.1007/978-3-540-85200-1_5
Xusheng Xiao, Amit Paradkar, Suresh Thummalapenta, Tao Xie, Automated extraction of security policies from natural-language software documents Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering - FSE '12. pp. 12- ,(2012) , 10.1145/2393596.2393608
Jeannette Wing, Oleg Sheyner, Tools for generating and analyzing attack graphs Lecture Notes in Computer Science. pp. 344- 371 ,(2004)