Fortification of IT Security by Automatic Security Advisory Processing

Recent years have seen a rapid increase in security-related incidents in the field of information technology. IT infrastructures in the commercial as well as in the governmental sector are becoming ever more heterogeneous, which increases the complexity of handling and maintaining an adequate security level. Organizations that host and process highly sensitive data in particular are obligated to establish a holistic, company-wide security approach. We propose a novel security concept to reduce this complexity by automatic assessment of security advisories. A central entity collects vulnerability information from various sources, converts it into a standardized and machine-readable format and distributes it to its subscribers. The subscribers are then able to automatically map the vulnerability information to the ontologically stored infrastructure data to visualize newly discovered software vulnerabilities. The automatic analysis of vulnerabilities decreases response times and permits a precise response to new threats and vulnerabilities, thus decreasing the administration complexity and increasing the IT security level.
