Title :
Design and Implement of a Novel OVAL-Compatible Vulnerability Assessment System
Author :
Gao, Ling ; Wang, Xu-Dong ; Zhang, Lin
Author_Institution :
Dept. of Inf. Sci. & Technol., Northwest Univ., Xi´´an, China
Abstract :
Due to the various kinds of information expressing and transferring standards made by different vendors, the existing security products can not interoperate with each other efficiently. In order to solve this problem, an OVAL-compatible multiplatform vulnerability assessment system (VAS) is proposed in this paper. First, it adopts OVAL as the vulnerability assessment standard. Second, it takes lightweight web server as foundational distributed computing platform. Third, it adopts the manager/agent architecture to improve assessment efficiency. Considering the fact that a computer network usually includes various kinds of operating systems, two versions of agents for Windows and Linux is implemented. So it supports multiplatform vulnerability assessment and security data sharing with other OVAL-compatible tools with high accuracy, assessing completeness and functional expansibility.
Keywords :
open systems; security of data; OVAL-compatible multiplatform vulnerability assessment system; distributed computing; information expressing standards; information transferring standards; manager-agent architecture; Communications technology; Computer network management; Computer networks; Computer security; Data security; Information science; Information security; Operating systems; Software safety; Testing;
Conference_Titel :
Computational Intelligence and Software Engineering, 2009. CiSE 2009. International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-4507-3
Electronic_ISBN :
978-1-4244-4507-3
DOI :
10.1109/CISE.2009.5366868
