{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2016:CEIXHFEDZ4COBVIUQHYBA4JH5U","short_pith_number":"pith:CEIXHFED","canonical_record":{"source":{"id":"1611.07617","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-11-23T03:02:39Z","cross_cats_sorted":[],"title_canon_sha256":"9a3c9db843df2c03967bff126cedb682219895f0ff7e32f7e437549693ec92d3","abstract_canon_sha256":"e78e2efc519fae973b7120fcf4eaa14134eafd65fbace1ed5b78aaca3136135e"},"schema_version":"1.0"},"canonical_sha256":"1111739483cf04e0d51481f0107127ed3d40ec27b07deb7f65b39f3db7d70b51","source":{"kind":"arxiv","id":"1611.07617","version":2},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1611.07617","created_at":"2026-05-18T00:55:40Z"},{"alias_kind":"arxiv_version","alias_value":"1611.07617v2","created_at":"2026-05-18T00:55:40Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1611.07617","created_at":"2026-05-18T00:55:40Z"},{"alias_kind":"pith_short_12","alias_value":"CEIXHFEDZ4CO","created_at":"2026-05-18T12:30:09Z"},{"alias_kind":"pith_short_16","alias_value":"CEIXHFEDZ4COBVIU","created_at":"2026-05-18T12:30:09Z"},{"alias_kind":"pith_short_8","alias_value":"CEIXHFED","created_at":"2026-05-18T12:30:09Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2016:CEIXHFEDZ4COBVIUQHYBA4JH5U","target":"record","payload":{"canonical_record":{"source":{"id":"1611.07617","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-11-23T03:02:39Z","cross_cats_sorted":[],"title_canon_sha256":"9a3c9db843df2c03967bff126cedb682219895f0ff7e32f7e437549693ec92d3","abstract_canon_sha256":"e78e2efc519fae973b7120fcf4eaa14134eafd65fbace1ed5b78aaca3136135e"},"schema_version":"1.0"},"canonical_sha256":"1111739483cf04e0d51481f0107127ed3d40ec27b07deb7f65b39f3db7d70b51","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:55:40.326897Z","signature_b64":"C7tIhSKJ98Ocn1kkUiTYuPN6UzMXcrk7u+8JfHIC+t/H+wcrSJnPPB19bZZKOeKplcEixl1v1lR2mzvJdpIqAA==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"1111739483cf04e0d51481f0107127ed3d40ec27b07deb7f65b39f3db7d70b51","last_reissued_at":"2026-05-18T00:55:40.326234Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:55:40.326234Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1611.07617","source_version":2,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:55:40Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"tvRydGbSgOH/ksn9fYdufs5odS2vnXw36Pr4bR+V5KSSJw37sjAi4qI/4XbB4UwREeRtzFZOuz774uiSNyStBg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-31T17:51:58.733652Z"},"content_sha256":"eeb654acc599d991613460cdfd7e0050a77e2229c28d4576713c67cb4fe44239","schema_version":"1.0","event_id":"sha256:eeb654acc599d991613460cdfd7e0050a77e2229c28d4576713c67cb4fe44239"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2016:CEIXHFEDZ4COBVIUQHYBA4JH5U","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"A New Framework for Ranking Vulnerabilities in the Clouds","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"He Zhu","submitted_at":"2016-11-23T03:02:39Z","abstract_excerpt":"Qualifying and ranking threat degrees of vulnerabilities in cloud service are known to be full of challenges. Although there have been several efforts aiming to address this problem, most of them are too simple or cannot be applied into cloud infrastructure. This paper aims to propose a novel framework to qualify and rank the vulnerabilities based on their threat degrees in cloud service. Through inputting or constructing service dependency graph, our framework is able to generate the importance degree of each service and the ranking list of all the vulnerabilities in cloud service. Moreover, "},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1611.07617","kind":"arxiv","version":2},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:55:40Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"6Nz3Bop5K7kaK4xSGp0kzBbiX0OIKq3PKQXcxFU1hsImaHYjPjO4T79DRN9c2jZdQQDLyyi7svip9HjB2cN3AQ==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-31T17:51:58.734405Z"},"content_sha256":"fe7aae2fae7e9c3c57a10665edb0141e0f88b4102e83f34fbe895ed109371b47","schema_version":"1.0","event_id":"sha256:fe7aae2fae7e9c3c57a10665edb0141e0f88b4102e83f34fbe895ed109371b47"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/CEIXHFEDZ4COBVIUQHYBA4JH5U/bundle.json","state_url":"https://pith.science/pith/CEIXHFEDZ4COBVIUQHYBA4JH5U/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/CEIXHFEDZ4COBVIUQHYBA4JH5U/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-05-31T17:51:58Z","links":{"resolver":"https://pith.science/pith/CEIXHFEDZ4COBVIUQHYBA4JH5U","bundle":"https://pith.science/pith/CEIXHFEDZ4COBVIUQHYBA4JH5U/bundle.json","state":"https://pith.science/pith/CEIXHFEDZ4COBVIUQHYBA4JH5U/state.json","well_known_bundle":"https://pith.science/.well-known/pith/CEIXHFEDZ4COBVIUQHYBA4JH5U/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2016:CEIXHFEDZ4COBVIUQHYBA4JH5U","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"e78e2efc519fae973b7120fcf4eaa14134eafd65fbace1ed5b78aaca3136135e","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-11-23T03:02:39Z","title_canon_sha256":"9a3c9db843df2c03967bff126cedb682219895f0ff7e32f7e437549693ec92d3"},"schema_version":"1.0","source":{"id":"1611.07617","kind":"arxiv","version":2}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1611.07617","created_at":"2026-05-18T00:55:40Z"},{"alias_kind":"arxiv_version","alias_value":"1611.07617v2","created_at":"2026-05-18T00:55:40Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1611.07617","created_at":"2026-05-18T00:55:40Z"},{"alias_kind":"pith_short_12","alias_value":"CEIXHFEDZ4CO","created_at":"2026-05-18T12:30:09Z"},{"alias_kind":"pith_short_16","alias_value":"CEIXHFEDZ4COBVIU","created_at":"2026-05-18T12:30:09Z"},{"alias_kind":"pith_short_8","alias_value":"CEIXHFED","created_at":"2026-05-18T12:30:09Z"}],"graph_snapshots":[{"event_id":"sha256:fe7aae2fae7e9c3c57a10665edb0141e0f88b4102e83f34fbe895ed109371b47","target":"graph","created_at":"2026-05-18T00:55:40Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Qualifying and ranking threat degrees of vulnerabilities in cloud service are known to be full of challenges. Although there have been several efforts aiming to address this problem, most of them are too simple or cannot be applied into cloud infrastructure. This paper aims to propose a novel framework to qualify and rank the vulnerabilities based on their threat degrees in cloud service. Through inputting or constructing service dependency graph, our framework is able to generate the importance degree of each service and the ranking list of all the vulnerabilities in cloud service. Moreover, ","authors_text":"He Zhu","cross_cats":[],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-11-23T03:02:39Z","title":"A New Framework for Ranking Vulnerabilities in the Clouds"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1611.07617","kind":"arxiv","version":2},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:eeb654acc599d991613460cdfd7e0050a77e2229c28d4576713c67cb4fe44239","target":"record","created_at":"2026-05-18T00:55:40Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"e78e2efc519fae973b7120fcf4eaa14134eafd65fbace1ed5b78aaca3136135e","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-11-23T03:02:39Z","title_canon_sha256":"9a3c9db843df2c03967bff126cedb682219895f0ff7e32f7e437549693ec92d3"},"schema_version":"1.0","source":{"id":"1611.07617","kind":"arxiv","version":2}},"canonical_sha256":"1111739483cf04e0d51481f0107127ed3d40ec27b07deb7f65b39f3db7d70b51","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"1111739483cf04e0d51481f0107127ed3d40ec27b07deb7f65b39f3db7d70b51","first_computed_at":"2026-05-18T00:55:40.326234Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T00:55:40.326234Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"C7tIhSKJ98Ocn1kkUiTYuPN6UzMXcrk7u+8JfHIC+t/H+wcrSJnPPB19bZZKOeKplcEixl1v1lR2mzvJdpIqAA==","signature_status":"signed_v1","signed_at":"2026-05-18T00:55:40.326897Z","signed_message":"canonical_sha256_bytes"},"source_id":"1611.07617","source_kind":"arxiv","source_version":2}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:eeb654acc599d991613460cdfd7e0050a77e2229c28d4576713c67cb4fe44239","sha256:fe7aae2fae7e9c3c57a10665edb0141e0f88b4102e83f34fbe895ed109371b47"],"state_sha256":"4a384c7c30c5ca15187542337439af32d6d71e80f46b669c2bb9b5e8f7475b17"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"aUsj9BHjmXnXQBEGFzD0veMSqfExl3oK526NQ24d9eSbPTDdZ70UBRMyKoHadbMgt1cau7VnM+Y8qpyb/wRdDg==","signed_message":"bundle_sha256_bytes","signed_at":"2026-05-31T17:51:58.738374Z","bundle_sha256":"945f23e8e685c7f0f509c6c252956609bd7029f4152ffdf171d7ed083ab10aa7"}}