Abstract
IT security, even once achieved, is not a permanent state but rather a process. One of the main factors that impact this process is the ability to identify security vulnerabilities in software. Disclosure of such a flaw is usually followed by the release of a patch. However, for maintainers of a heterogeneous and compound environment, staying up to date with all necessary fixes may be an unexpectedly difficult task. Developing custom software in a grid project introduces another dimension to this problem. The SARA system for static security control has been developed to help administrators with that issue.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Frankowski, G., Rzepka, M. (2012). SARA – System for Inventory and Static Security Control in a Grid Infrastructure. In: Bubak, M., Szepieniec, T., Wiatr, K. (eds) Building a National Distributed e-Infrastructure–PL-Grid. Lecture Notes in Computer Science, vol 7136. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28267-6_8
DOI: https://doi.org/10.1007/978-3-642-28267-6_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-28266-9
Online ISBN: 978-3-642-28267-6
eBook Packages: Computer Science (R0)