POSTER: VUDEC: A Framework for Vulnerability Management in Decentralized Communication Networks

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2016-10-24 DOI:10.1145/2976749.2989049

M. Steinke, Stefan Metzger, Wolfgang Hommel

{"title":"POSTER: VUDEC: A Framework for Vulnerability Management in Decentralized Communication Networks","authors":"M. Steinke, Stefan Metzger, Wolfgang Hommel","doi":"10.1145/2976749.2989049","DOIUrl":null,"url":null,"abstract":"Vulnerability management, often used as a generic term for any organizational and technical security controls in the context of identifying, assessing, and mitigating security-relevant software and network weaknesses, has specific challenges in decentralized communication networks such as research and education networks operated by higher education institutions. While many large organizations perform professional vulnerability management and related activities, especially risk management, which are supported by commercial and open source software products, universities and other academic environments still often struggle with ad-hoc and scope-limited approaches due to often unclear responsibilities and a lack of suitable tool support. This poster presents VUDEC, an integrated vulnerability management framework tailored for the requirements of decentrally operated networks; besides organizational aspects of the vulnerability management process, its implementation supports, among other functionality, a highly distributed vulnerability scan architecture and full multi-tenancy capability.","PeriodicalId":432261,"journal":{"name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","volume":"101 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2976749.2989049","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

Vulnerability management, often used as a generic term for any organizational and technical security controls in the context of identifying, assessing, and mitigating security-relevant software and network weaknesses, has specific challenges in decentralized communication networks such as research and education networks operated by higher education institutions. While many large organizations perform professional vulnerability management and related activities, especially risk management, which are supported by commercial and open source software products, universities and other academic environments still often struggle with ad-hoc and scope-limited approaches due to often unclear responsibilities and a lack of suitable tool support. This poster presents VUDEC, an integrated vulnerability management framework tailored for the requirements of decentrally operated networks; besides organizational aspects of the vulnerability management process, its implementation supports, among other functionality, a highly distributed vulnerability scan architecture and full multi-tenancy capability.

查看原文本刊更多论文

海报:VUDEC:分散通信网络中的漏洞管理框架

漏洞管理通常被用作识别、评估和减轻与安全相关的软件和网络弱点的任何组织和技术安全控制的通用术语，在分散的通信网络(如由高等教育机构运营的研究和教育网络)中具有特定的挑战。虽然许多大型组织执行专业的漏洞管理和相关活动，特别是由商业和开源软件产品支持的风险管理，但大学和其他学术环境仍然经常与特殊的和范围有限的方法作斗争，因为通常不明确的责任和缺乏合适的工具支持。这张海报展示了VUDEC，一个针对分散操作网络需求量身定制的综合漏洞管理框架;除了漏洞管理流程的组织方面之外，它的实现还支持高度分布式的漏洞扫描架构和完整的多租户功能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

自引率

0.00%

发文量