{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2016:KAFNNICWABKO3SQBKIWJBJ2EG3","short_pith_number":"pith:KAFNNICW","canonical_record":{"source":{"id":"1611.07383","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-11-22T16:09:12Z","cross_cats_sorted":[],"title_canon_sha256":"132db4acafcf07b781290fe146a92306b666b5419dffe46799c00f6db8717f91","abstract_canon_sha256":"107ed6e890fa216bd5222e25188ae1ca648665af0312be77cf92d5cf738a16f1"},"schema_version":"1.0"},"canonical_sha256":"500ad6a0560054edca01522c90a74436c2713d345afdcc4deb9d1fda81b227a2","source":{"kind":"arxiv","id":"1611.07383","version":2},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1611.07383","created_at":"2026-05-18T00:55:35Z"},{"alias_kind":"arxiv_version","alias_value":"1611.07383v2","created_at":"2026-05-18T00:55:35Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1611.07383","created_at":"2026-05-18T00:55:35Z"},{"alias_kind":"pith_short_12","alias_value":"KAFNNICWABKO","created_at":"2026-05-18T12:30:25Z"},{"alias_kind":"pith_short_16","alias_value":"KAFNNICWABKO3SQB","created_at":"2026-05-18T12:30:25Z"},{"alias_kind":"pith_short_8","alias_value":"KAFNNICW","created_at":"2026-05-18T12:30:25Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2016:KAFNNICWABKO3SQBKIWJBJ2EG3","target":"record","payload":{"canonical_record":{"source":{"id":"1611.07383","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-11-22T16:09:12Z","cross_cats_sorted":[],"title_canon_sha256":"132db4acafcf07b781290fe146a92306b666b5419dffe46799c00f6db8717f91","abstract_canon_sha256":"107ed6e890fa216bd5222e25188ae1ca648665af0312be77cf92d5cf738a16f1"},"schema_version":"1.0"},"canonical_sha256":"500ad6a0560054edca01522c90a74436c2713d345afdcc4deb9d1fda81b227a2","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:55:35.557031Z","signature_b64":"FH941zNV1/p7cYiYLN+HBiqwXeaD+A+e6xqblcn+jTsBkNo62DDMGyLqGPJCj29NGi6xmEfdUk0WbPvduUzdAg==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"500ad6a0560054edca01522c90a74436c2713d345afdcc4deb9d1fda81b227a2","last_reissued_at":"2026-05-18T00:55:35.556590Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:55:35.556590Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1611.07383","source_version":2,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:55:35Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"wHPXJkIg3gxrRE3S20ToIf/Kv6HVQo+xgbVImfugvk4C393v3tR1SgAPsg+qWyGEX0uLMbMOE8H9uBvo48FqDg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-24T02:23:52.276339Z"},"content_sha256":"541ba7d92e995979244a6c6465b7deb96fe56fdc1909dc91165a5952a7c4bab7","schema_version":"1.0","event_id":"sha256:541ba7d92e995979244a6c6465b7deb96fe56fdc1909dc91165a5952a7c4bab7"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2016:KAFNNICWABKO3SQBKIWJBJ2EG3","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"A Non-Intrusive and Context-Based Vulnerability Scoring Framework for Cloud Services","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Florian Pydde, Hao Zhuang","submitted_at":"2016-11-22T16:09:12Z","abstract_excerpt":"Understanding the severity of vulnerabilities within cloud services is particularly important for today service administrators.Although many systems, e.g., CVSS, have been built to evaluate and score the severity of vulnerabilities for administrators, the scoring schemes employed by these systems fail to take into account the contextual information of specific services having these vulnerabilities, such as what roles they play in a particular service. Such a deficiency makes resulting scores unhelpful. This paper presents a practical framework, NCVS, that offers automatic and contextual scorin"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1611.07383","kind":"arxiv","version":2},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:55:35Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"pTBxZEk6IBKdH8f/xApUbCmO75+TwwSphp6HXXWtFgKTvysasnVQ1ZAt9zmsHypDbC48eunCUKjw8bxOPdw1AA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-24T02:23:52.276697Z"},"content_sha256":"a0b581f345f59b7d149be8cecbefe04e2505d5acb5563292edac318f1c39d6d2","schema_version":"1.0","event_id":"sha256:a0b581f345f59b7d149be8cecbefe04e2505d5acb5563292edac318f1c39d6d2"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/KAFNNICWABKO3SQBKIWJBJ2EG3/bundle.json","state_url":"https://pith.science/pith/KAFNNICWABKO3SQBKIWJBJ2EG3/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/KAFNNICWABKO3SQBKIWJBJ2EG3/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-24T02:23:52Z","links":{"resolver":"https://pith.science/pith/KAFNNICWABKO3SQBKIWJBJ2EG3","bundle":"https://pith.science/pith/KAFNNICWABKO3SQBKIWJBJ2EG3/bundle.json","state":"https://pith.science/pith/KAFNNICWABKO3SQBKIWJBJ2EG3/state.json","well_known_bundle":"https://pith.science/.well-known/pith/KAFNNICWABKO3SQBKIWJBJ2EG3/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2016:KAFNNICWABKO3SQBKIWJBJ2EG3","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"107ed6e890fa216bd5222e25188ae1ca648665af0312be77cf92d5cf738a16f1","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-11-22T16:09:12Z","title_canon_sha256":"132db4acafcf07b781290fe146a92306b666b5419dffe46799c00f6db8717f91"},"schema_version":"1.0","source":{"id":"1611.07383","kind":"arxiv","version":2}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1611.07383","created_at":"2026-05-18T00:55:35Z"},{"alias_kind":"arxiv_version","alias_value":"1611.07383v2","created_at":"2026-05-18T00:55:35Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1611.07383","created_at":"2026-05-18T00:55:35Z"},{"alias_kind":"pith_short_12","alias_value":"KAFNNICWABKO","created_at":"2026-05-18T12:30:25Z"},{"alias_kind":"pith_short_16","alias_value":"KAFNNICWABKO3SQB","created_at":"2026-05-18T12:30:25Z"},{"alias_kind":"pith_short_8","alias_value":"KAFNNICW","created_at":"2026-05-18T12:30:25Z"}],"graph_snapshots":[{"event_id":"sha256:a0b581f345f59b7d149be8cecbefe04e2505d5acb5563292edac318f1c39d6d2","target":"graph","created_at":"2026-05-18T00:55:35Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Understanding the severity of vulnerabilities within cloud services is particularly important for today service administrators.Although many systems, e.g., CVSS, have been built to evaluate and score the severity of vulnerabilities for administrators, the scoring schemes employed by these systems fail to take into account the contextual information of specific services having these vulnerabilities, such as what roles they play in a particular service. Such a deficiency makes resulting scores unhelpful. This paper presents a practical framework, NCVS, that offers automatic and contextual scorin","authors_text":"Florian Pydde, Hao Zhuang","cross_cats":[],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-11-22T16:09:12Z","title":"A Non-Intrusive and Context-Based Vulnerability Scoring Framework for Cloud Services"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1611.07383","kind":"arxiv","version":2},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:541ba7d92e995979244a6c6465b7deb96fe56fdc1909dc91165a5952a7c4bab7","target":"record","created_at":"2026-05-18T00:55:35Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"107ed6e890fa216bd5222e25188ae1ca648665af0312be77cf92d5cf738a16f1","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-11-22T16:09:12Z","title_canon_sha256":"132db4acafcf07b781290fe146a92306b666b5419dffe46799c00f6db8717f91"},"schema_version":"1.0","source":{"id":"1611.07383","kind":"arxiv","version":2}},"canonical_sha256":"500ad6a0560054edca01522c90a74436c2713d345afdcc4deb9d1fda81b227a2","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"500ad6a0560054edca01522c90a74436c2713d345afdcc4deb9d1fda81b227a2","first_computed_at":"2026-05-18T00:55:35.556590Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T00:55:35.556590Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"FH941zNV1/p7cYiYLN+HBiqwXeaD+A+e6xqblcn+jTsBkNo62DDMGyLqGPJCj29NGi6xmEfdUk0WbPvduUzdAg==","signature_status":"signed_v1","signed_at":"2026-05-18T00:55:35.557031Z","signed_message":"canonical_sha256_bytes"},"source_id":"1611.07383","source_kind":"arxiv","source_version":2}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:541ba7d92e995979244a6c6465b7deb96fe56fdc1909dc91165a5952a7c4bab7","sha256:a0b581f345f59b7d149be8cecbefe04e2505d5acb5563292edac318f1c39d6d2"],"state_sha256":"a7678625bf837c18aa0e14ffefd61b48209df8311c04942f35b1d932f0cae20e"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"gBkC2MUohBfFtdwPwLYpFbl015mm5Nj/+vngwXG7e+7d8qwYKl6kLYuBee2PlXjSp9Ldv7tveiK9p3JIv0S4Dg==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-24T02:23:52.278598Z","bundle_sha256":"7269312f4dd3aaeba77502049338c6aa2954b320367565eb5320cb8eede234df"}}