Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

VULCAN: Vulnerability Assessment Framework for Cloud Computing

Published

Author(s)

Patrick Kamongi, Srujan Kotikela, Krishna Kavi, Mahadevan Gomathisankaran, Anoop Singhal

Abstract

Assessing security of software services on Cloud is complex because the security depends on the vulnerability of infrastructure, platform and the software services. In many systems, the platform or the infrastructure on which the software will actually run may not be known or guaranteed. This implies that the security of the software service must be assured regardless of the underlying infrastructure or platform, requiring a large number of combinations. Another common trend in Cloud and Service oriented Architecture (SoA) environments is Service composition, whereby new services can be created rapidly by composing existing services. Once again, the component services must be tested for security levels on a large number of platform and infrastructure combinations. In this paper we propose a novel vulnerability assessment framework for cloud computing systems. We have designed and developed a prototype of our framework. We also present the design and development of our framework with some use cases.
Conference Dates
June 18-20, 2013
Conference Location
Gaithersburg, MD, US
Conference Title
Seventh International Conference on Software Security and Reliability (SERE 2013)

Keywords

cloud computing, ontology, vulnerability assessment

Citation

Kamongi, P. , Kotikela, S. , Kavi, K. , Gomathisankaran, M. and Singhal, A. (2013), VULCAN: Vulnerability Assessment Framework for Cloud Computing, Seventh International Conference on Software Security and Reliability (SERE 2013), Gaithersburg, MD, US, [online], https://doi.org/10.1109/SERE.2013.31, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=913852 (Accessed May 18, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created June 19, 2013, Updated October 12, 2021