Bolivar, H. and Jaimes Parada, H.D. and Roa, O. and Velandia, J. (2020) Multi-criteria Decision Making Model for Vulnerabilities Assessment in Cloud Computing regarding Common Vulnerability Scoring System. In: 2019 Congreso Internacional de Innovacion y Tendencias en Ingenieria, CONIITI 2019 - Conference Proceedings :. IEEE. ISBN 9781728147475
Full text not available from this repository.Abstract
Vulnerability is associated with the probability of resistance of actions of a threat. A vulnerability exists when a force of threat exceeds the capacity of resistance. Virtualization and its exclusive architecture have numerous features and advantages over non-conventional virtual machines. However, this new uniqueness creates new vulnerabilities and attacks on a cloud system. Assessing the security of software services on Cloud is complex because the security depends on the vulnerability of infrastructure, platform and software services. In 2017, over 14,000 new vulnerabilities were disclosed, so, a key question for administrators is which vulnerabilities to prioritize. The Common Vulnerability Scoring System (CVSS) is often used to decide which vulnerabilities pose the greatest risk. CVSS V3 creates a metric for each vulnerability and establishes a very broad definition of vulnerabilities, therefore, multi-criteria decision making (MCDM) is necessary to making a choice of the best alternative from among a finite set of decision alternatives in terms of multiple criteria. We propose a model for the evaluation and prioritization of vulnerabilities in cloud architectures based on the Common Vulnerability Scoring System and multi-criteria decision making.