SODA

ASArP: Automated Security Assessment & Audit of Remote Platforms using TCG-SCAP synergies

Aslam, Mudassar and Gehrmann, Christian and Björkman, Mats (2015) ASArP: Automated Security Assessment & Audit of Remote Platforms using TCG-SCAP synergies. Journal of Information Security and Applications, 22 . pp. 28-39. ISSN 2214-2126

Full text not available from this repository.

Official URL: http://www.sciencedirect.com/science/article/pii/S...

Abstract

Many enterprise solutions today are built upon complex distributed systems which are accessible to the users globally. Due to this global access, the security of the host platforms becomes critical. The platform administrators use security automation techniques such as those provided by Security Content Automation Protocol (SCAP) standards to protect the systems from the vulnerabilities that are reported daily; furthermore, they are responsible for keeping their systems compliant to the relevant security recommendations (governmental or industrial). Additionally, third party audit and certification processes are used to increase user trust in enterprise solutions. However, traditional audit and certification mechanisms are not continuous , that is, not frequent enough to deal with the daily reported vulnerabilities, and for that matter even auditors expect platform administrators to keep the systems updated. As a result, the end user is also forced to trust the platform administrators about the latest state of the platform. In this paper we develop an automated security audit and certification system (ASArP)(ASArP) which can be used by platform users or by third party auditors. We use security automation techniques for continuous monitoring of the platform security posture and make the results trustworthy by using trusted computing (TCG) techniques. The prototype development of ASArPASArP validates the implementation feasibility; it also provides performance benchmarks which show that the ASArPASArP based audit and certification can be done much more frequently (e.g. daily or weekly). The feasibility of ASArPASArP based continuous audits is significantly better than traditional platform audits which are dependent on the physical presence of the auditors, thus making frequent audits much more expensive and operationally infeasible.

Item Type:Article
Uncontrolled Keywords:Security, Trusted Computing, Virtual Machine
ID Code:5893
Deposited By:Christian Gehrmann
Deposited On:25 Sep 2015 15:17
Last Modified:25 Sep 2015 15:17

Repository Staff Only: item control page