Resumen
This work considers challenges, related to the lack of methods of automatic threat modeling and well-formed data sources of threats and countermeasures as well as techniques to collect such security knowledge. Cloud computing domain has been in a focus of security scientists and experts for decade, however it is still a problem to make secure the use of cloud systems and their applications, because of distributed nature, variety of deployment models, and different stakeholders. Towards automation of the threat modeling process we have proposed an ontological approach both to analysis of a system design (by an ontology-driven threat modeling framework) and creation of security patterns (by an ontological schema of security pattern). This work briefly describes those efforts and concentrated on an ontological catalog of cloud system threats. The work offers an Academic Cloud Computing Threat Patters (ACCTP) catalog as a way of the threat modeling of cloud systems and a set of design primitives as means of learning cloud security challenges.