A methodology for ranking cloud system vulnerabilities

Abstract

Nowadays there is a high demand for security assurance within Cloud Computing world. To meet this demand, security practitioners attempt to assess security vulnerabilities that any given cloud system may have, however this task present some challenges when exposed to a complex cloud system. Different security tools have been developed to facilitate the vulnerabilities discovery process. In this paper we propose a new methodology for ranking cloud system vulnerabilities. We have designed and developed a working model. It starts with vulnerabilities discovery process from our custom cloud web application and ends up with a unified and simple view of ranked vulnerabilities mounted on each of the prioritized and generated attack paths.