Abstract
With the development of power networks, automated verification of security baselines has become increasingly important. Traditional verification methods have disadvantages such as low efficiency, inability to centralize management, and difficulty in maintaining and upgrading. In this paper, we proposed a method of automatically checking the security baseline based on the security baseline model and using the SCAP standard combined with efficient Cloud scanning technology. Our method not only improves efficiency, but also facilitates centralized management and maintenance of upgrades.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Zhang, X., Chen, X.H., Liu, X.: Construction of information security baseline standardization system for power systems. Electric Power Inf. Commun. Technol. 11(11), 110–114 (2013). (in Chinese)
Gui, Y.H.: Study and applications of operation system security baseline. Comput. Secur. 10, 11–15 (2011)
Kozlovszky, M.: Cloud security monitoring and vulnerability management. Crit. Infrastruct. Protect. Res. 12, 265–269 (2016)
Chen, Z. H.: Security baseline management in the enterprise application. Computer Security, 2013
Gao, S., Wang, Q.Q.: A new security baseline reinforcement method for the power information system. Appl. Mech. Mater. 2407–2411 (2013)
Wang, K., Lu, Y.J.: Automated baseline inspection of big data components. Secur. Informatization 11, 108–110 (2017). (in Chinese)
Shen, Z.H.: Application of security baseline management in enterprises. Comput. Secur. 3, 19–21 (2013). (in Chinese)
Martin, R.A.: Making security measurable and manageable. In: IEEE Military Communications Conference, pp. 1–9 (2008)
Na, S., Kim, T., Kim, H.: A study on the classification of common vulnerabilities and exposures using Naïve Bayes. In: International Conference on Broadband and Wireless Computing, Communication and Applications, pp. 657–662. Springer International Publishing, Heidelberg (2016)
Radack, S., Kuhn, R.: Managing security: the security content automation protocol. IEEE Educational Activities Department (2011)
Li, C., Wang, W.: Application of safety baseline control in risk management process. Netw. Secur. Technol. Appl. 9, 4–7 (2009). (in Chinese)
Waltermire, D., Quinn, S., Scarfone, K., Halbardier, A.: The technical specification for the security content automation protocol-SCAP: SCAP version 1.2 recommendations of the national institute of special publication 800–126 revision 2. Acta Obstetrica Et Gynaecologica Japonica 37(5), 608–609 (2012)
Shi, W., Zhang, L., Wu, C., Li, Z., Laue, F.C.M.: An online auction framework for dynamic resource provisioning in cloud computing. IEEE/ACM Trans. Netw. 24(4), 2060–2073 (2016)
Zhang, Z., Feng, W., Yan, J.T.: A security configuration baseline verification system and method based on the cloud scanning system. Telecommun. Eng. Technol. Stand. 5(12), 20–23 (2012). (in Chinese)
Warrenl, W.J.B.M., Hutchinson, W.: A security evaluation criteria for baseline security standards. In: IFIP TC11 International Conference on Information Security: Visions and Perspectives, pp. 79–90. Kluwer (2002)
Acknowledgement
This work is supported by Science and Technology Project of China Southern Power Grid Co., Ltd. “Research and Demonstration of Key Technologies of Network Security Situational Awareness in Power Monitoring System” (No. ZDKJXM20170002).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Chen, Y., Wang, Q., Sun, M., Chen, P., Qiao, Z., Chen, Z. (2020). Automatic Security Baseline Verification Method Based on SCAP and Cloud Scanning. In: Liu, Q., Mısır, M., Wang, X., Liu, W. (eds) The 8th International Conference on Computer Engineering and Networks (CENet2018). CENet2018 2018. Advances in Intelligent Systems and Computing, vol 905. Springer, Cham. https://doi.org/10.1007/978-3-030-14680-1_102
Download citation
DOI: https://doi.org/10.1007/978-3-030-14680-1_102
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-14679-5
Online ISBN: 978-3-030-14680-1
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)