A Vulnerability Prediction and Risk Assessment Process for the Open Source Xen Hypervisor

Authors

Abid Shahzad, ICL Education GroupFollow
Alan T. Litchfield, Auckland University of TechnologyFollow

Abstract

This paper presents a vulnerability prediction and risk assessment process developed with the open source Xen hypervisor. Xen provides a very large installation base in leading data centres worldwide. The vulnerability prediction process predicts the number of unknown vulnerabilities. The process allows organizations to identify and quantify risks they could face after moving their critical services to cloud virtual infrastructure. Organizations can determine the adequacy of their security controls to eliminate or reduce risks to Xen by considering the security control recommendations provided in this paper. This process will be quite useful for the organizations that are planning to use Xen as their core hypervisor for a private cloud. The process is evaluated by applying it to Apache HTTP and Squid Proxy servers to demonstrate the generalizability and applicability of the process to open source software packages. Design science research is used as the main methodology for this research.

Recommended Citation

Shahzad, Abid and Litchfield, Alan T., "A Vulnerability Prediction and Risk Assessment Process for the Open Source Xen Hypervisor" (2020). PACIS 2020 Proceedings. 173.
https://aisel.aisnet.org/pacis2020/173