This paper presents a vulnerability prediction and risk assessment process developed with the open source Xen hypervisor. Xen provides a very large installation base in leading data centres worldwide. The vulnerability prediction process predicts the number of unknown vulnerabilities. The process allows organizations to identify and quantify risks they could face after moving their critical services to cloud virtual infrastructure. Organizations can determine the adequacy of their security controls to eliminate or reduce risks to Xen by considering the security control recommendations provided in this paper. This process will be quite useful for the organizations that are planning to use Xen as their core hypervisor for a private cloud. The process is evaluated by applying it to Apache HTTP and Squid Proxy servers to demonstrate the generalizability and applicability of the process to open source software packages. Design science research is used as the main methodology for this research.
Shahzad, Abid and Litchfield, Alan T., "A Vulnerability Prediction and Risk Assessment Process for the Open Source Xen Hypervisor" (2020). PACIS 2020 Proceedings. 173.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.