Abstract
As security consciousness rises, information security auditing has become an important issue. This makes the security audit baseline database a crucial research domain. In this paper, we propose a security baseline database that assists information security auditors in maintaining the security update patch baseline automatically, with the help of the Microsoft knowledge base and an automatic audit process. A practical implementation demonstrates that the proposed structure is both useful and effective.
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kuo, CT., Ruan, HM., Chen, SJ., Lei, CL. (2013). Design and Implementation of a Self-growth Security Baseline Database for Automatic Security Auditing. In: Pan, JS., Yang, CN., Lin, CC. (eds) Advances in Intelligent Systems and Applications - Volume 2. Smart Innovation, Systems and Technologies, vol 21. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35473-1_19
DOI: https://doi.org/10.1007/978-3-642-35473-1_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35472-4
Online ISBN: 978-3-642-35473-1
eBook Packages: Engineering, Engineering (R0)