检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:章思宇[1] 姜开达[1] Zhang Siyu Jiang Kaida(Network and Information Center, Shanghai Jiao Tong University, Shanghai 200240, Chin)
出 处:《华中科技大学学报(自然科学版)》2016年第11期7-10,共4页Journal of Huazhong University of Science and Technology(Natural Science Edition)
基 金:国家自然科学基金资助项目(61371084)
摘 要:针对当前漏洞管理系统受制于漏洞扫描引擎,在可扩展性和性能上存在瓶颈的问题,设计并实现了一个漏洞自动化跟踪平台.该平台可统一管理各种渠道获得的信息系统漏洞信息,每个漏洞关联一个检测其是否已修复的检测脚本及参数,多进程方式并行执行的任务调度程序高频度复测漏洞状态,可扩展到多机部署进一步扩展性能.漏洞检测脚本以退出代码反馈测试结果,支持任何能在部署操作系统上执行的语言编写,并能被相似漏洞复用.开放的数据接口将本平台与IT资产数据库和流程管理系统对接,已完成的两套实际部署案例表明本平台对提高漏洞处置效率发挥了积极的作用.Restricted by the scanning engines,existing vulnerability management systems suffer limitations in extensibility and performance.A platform for automated vulnerability tracking was proposed,which allowed unified management of vulnerabilities from all sources.Every vulnerability was associated with a script for fix verification,and the multi-process task scheduler performed frequent retests in parallel,whose performance could be further improved with a distributed deployment.As exit code was used to indicate the test results,vulnerability test scripts could be written in any executable programming language,and could be shared by similar vulnerabilities.Open data interfaces were developed to allow integration of this platform with other IT asset and workflow management systems.There are already two successful deployments of this platform,and the result shows that it can effectively speed up the process of vulnerability remediation.
关 键 词:信息安全 网络安全 漏洞 扫描 Vul TRACKER
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.222