Multi-criteria Decision Making Model for Vulnerabilities Assessment in Cloud Computing regarding Common Vulnerability Scoring System

Multi-criteria Decision Making Model for Vulnerabilities Assessment in Cloud Computing regarding Common Vulnerability Scoring System

Vulnerability is associated with the probability of resistance of actions of a threat. A vulnerability exists when a force of threat exceeds the capacity of resistance. Virtualization and its exclusive architecture have numerous features and advantages over non-conventional virtual machines. However...

Full description

Saved in:
Bibliographic Details
Published in:2019 Congreso Internacional de Innovación y Tendencias en Ingenieria (CONIITI ) pp. 1 - 6
Main Authors: Bolivar, Holman, Jaimes Parada, Hector Dario, Roa, Olga, Velandia, John
Format: Conference Proceeding
Language:English
Published: IEEE 01-10-2019
Subjects:
Cloud Computing
Common Vulnerability Scoring System
multicriteria decision making
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Vulnerability is associated with the probability of resistance of actions of a threat. A vulnerability exists when a force of threat exceeds the capacity of resistance. Virtualization and its exclusive architecture have numerous features and advantages over non-conventional virtual machines. However, this new uniqueness creates new vulnerabilities and attacks on a cloud system. Assessing the security of software services on Cloud is complex because the security depends on the vulnerability of infrastructure, platform and software services. In 2017, over 14,000 new vulnerabilities were disclosed, so, a key question for administrators is which vulnerabilities to prioritize. The Common Vulnerability Scoring System (CVSS) is often used to decide which vulnerabilities pose the greatest risk. CVSS V3 creates a metric for each vulnerability and establishes a very broad definition of vulnerabilities, therefore, multi-criteria decision making (MCDM) is necessary to making a choice of the best alternative from among a finite set of decision alternatives in terms of multiple criteria. We propose a model for the evaluation and prioritization of vulnerabilities in cloud architectures based on the Common Vulnerability Scoring System and multi-criteria decision making.
DOI:10.1109/CONIITI48476.2019.8960909