Stylianos Karagiannis, Marco Manso, E. Magkos, Luís L. Ribeiro, Luís Campos
{"title":"自动化和按需网络安全认证","authors":"Stylianos Karagiannis, Marco Manso, E. Magkos, Luís L. Ribeiro, Luís Campos","doi":"10.1109/CSR51186.2021.9527958","DOIUrl":null,"url":null,"abstract":"The digital world nowadays consists of a very high number of devices and software services that are being used and constantly exposed to the Internet. Furthermore, with the evolution of the Internet of Things (IoT), the cybersecurity threat landscape has overall increased. Consequently, various certification frameworks have been developed for maintaining the overall security posture and supporting the required security tests. This paper describes an approach for conducting automated and on-demand cybersecurity certification on systems and software components. Taking the existing cybersecurity frameworks and guidelines into consideration, the developed software/service component aims to provide auditing information and insights from the systems-on-the-test, to certify newly entering components that could increase the security risk. The recommended approach can be used for collecting, extracting, and generating reports regarding the security aspects of the submitted digital assets by deploying automated security tests and auditing processes that will contribute to the certification process.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"35 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Automated and On-Demand Cybersecurity Certification\",\"authors\":\"Stylianos Karagiannis, Marco Manso, E. Magkos, Luís L. Ribeiro, Luís Campos\",\"doi\":\"10.1109/CSR51186.2021.9527958\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The digital world nowadays consists of a very high number of devices and software services that are being used and constantly exposed to the Internet. Furthermore, with the evolution of the Internet of Things (IoT), the cybersecurity threat landscape has overall increased. Consequently, various certification frameworks have been developed for maintaining the overall security posture and supporting the required security tests. This paper describes an approach for conducting automated and on-demand cybersecurity certification on systems and software components. Taking the existing cybersecurity frameworks and guidelines into consideration, the developed software/service component aims to provide auditing information and insights from the systems-on-the-test, to certify newly entering components that could increase the security risk. The recommended approach can be used for collecting, extracting, and generating reports regarding the security aspects of the submitted digital assets by deploying automated security tests and auditing processes that will contribute to the certification process.\",\"PeriodicalId\":253300,\"journal\":{\"name\":\"2021 IEEE International Conference on Cyber Security and Resilience (CSR)\",\"volume\":\"35 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-07-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE International Conference on Cyber Security and Resilience (CSR)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSR51186.2021.9527958\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSR51186.2021.9527958","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Automated and On-Demand Cybersecurity Certification
The digital world nowadays consists of a very high number of devices and software services that are being used and constantly exposed to the Internet. Furthermore, with the evolution of the Internet of Things (IoT), the cybersecurity threat landscape has overall increased. Consequently, various certification frameworks have been developed for maintaining the overall security posture and supporting the required security tests. This paper describes an approach for conducting automated and on-demand cybersecurity certification on systems and software components. Taking the existing cybersecurity frameworks and guidelines into consideration, the developed software/service component aims to provide auditing information and insights from the systems-on-the-test, to certify newly entering components that could increase the security risk. The recommended approach can be used for collecting, extracting, and generating reports regarding the security aspects of the submitted digital assets by deploying automated security tests and auditing processes that will contribute to the certification process.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
