U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

VULCAN: Vulnerability Assessment Framework for Cloud Computing

Published

Author(s)

Patrick Kamongi, Srujan Kotikela, Krishna Kavi, Mahadevan Gomathisankaran, Anoop Singhal

Abstract

Assessing security of software services on Cloud is complex because the security depends on the vulnerability of infrastructure, platform and the software services. In many systems, the platform or the infrastructure on which the software will actually run may not be known or guaranteed. This implies that the security of the software service must be assured regardless of the underlying infrastructure or platform, requiring a large number of combinations. Another common trend in Cloud and Service oriented Architecture (SoA) environments is Service composition, whereby new services can be created rapidly by composing existing services. Once again, the component services must be tested for security levels on a large number of platform and infrastructure combinations. In this paper we propose a novel vulnerability assessment framework for cloud computing systems. We have designed and developed a prototype of our framework. We also present the design and development of our framework with some use cases.
Conference Dates
June 18-20, 2013
Conference Location
Gaithersburg, MD, US
Conference Title
Seventh International Conference on Software Security and Reliability (SERE 2013)
Pub Type
Conferences

Download Paper

https://doi.org/10.1109/SERE.2013.31
Local Download

Keywords

cloud computing, ontology, vulnerability assessment
Cybersecurity and Cloud computing and virtualization

Citation

Kamongi, P. , Kotikela, S. , Kavi, K. , Gomathisankaran, M. and Singhal, A. (2013), VULCAN: Vulnerability Assessment Framework for Cloud Computing, Seventh International Conference on Software Security and Reliability (SERE 2013), Gaithersburg, MD, US, [online], https://doi.org/10.1109/SERE.2013.31, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=913852 (Accessed April 26, 2024)

Created June 19, 2013, Updated October 12, 2021