Vulnerability assessment enhancement for middleware for computing and informatics

Jairo Serrano, Elisa Heymann, Eduardo Cesar, Barton P. Miller

Producció científica: Contribució a una revistaArticleRecercaAvaluat per experts

1 Citació (Scopus)

Resum

Security on Grid computing is often an afterthought. However assessing security of middleware systems is of the utmost importance because they manage critical resources owned by different organizations. To fulfill this objective we use First Principles Vulnerability Assessment (FPVA), an innovative analystic-centric (manual) methodology that goes beyond current automated vulnerability tools. FPVA involves several stages for characterizing the analyzed system and its components. Based on the evaluation of several middleware systems, we have found that there is a gap between the initial and the last stages of FPVA, which is filled with the security practitioner expertise. We claim that this expertise is likely to be systematically codified in order to be able to automatically indicate which, and why, components should be assessed. In this paper we introduce key elements of our approach: Vulnerability graphs, Vulnerability Graph Analyzer, and a Knowledge Base of security configurations.
Idioma originalEnglish
Pàgines (de-a)103-118
RevistaComputing and Informatics
Volum31
Número1
Estat de la publicacióPublicada - 25 de maig 2012

Fingerprint

Navegar pels temes de recerca de 'Vulnerability assessment enhancement for middleware for computing and informatics'. Junts formen un fingerprint únic.

Com citar-ho