Browse > Article
http://dx.doi.org/10.9708/jksci.2015.20.3.075

A Study on the Definition of Security Requirements of Vulnerability Management in Analysis Step  

Shin, Seong-Yoon (School of Computer & Information Communication Engineering, Kunsan National University)
Lee, Hyun-Chang (School of Information and Electronic Commerce(Institute of Convergence and Creativity), Wonkwang University)
Abstract
Vulnerability management is in compliance with security policies, and then, this is to ensure the continuity and availability of the business. In this paper, the application vulnerability management and IT infrastructure of the system is that it must be identified. And a viable vulnerability management plan should be drawn from the development phase. There are many that are not defined vulnerability in the area of identification and authentication, encryption, access control in identification and classification of vulnerabilities. They define the area without missing much in technical, managerial, and operational point of view. Determining whether the response of the identified vulnerability, and to select a countermeasure for eliminating the vulnerability.
Keywords
Vulnerability Management; Identification and Authentication; Encryption; Access Control;
Citations & Related Records
Times Cited By KSCI : 9  (Citation Analysis)
연도 인용수 순위
1 Gwang-Hyun Kim, "Implementation and Design of Proxy System for Web vulnerability Analysis", JKIECS, Vol. 9, No. 9, pp. 1011-1018, 2014
2 Kim ChinGo, "(A)study on the verification of improved security vulnerability when building website", Master Thesis, Graduate School of Namseoul University, 2014
3 Jae-Chan Moon, Seong-Je Cho, "Vulnerability Analysis and Threat Mitigation for Secure Web Application Development," JKSCI, Vol.17, No. 2, pp. 127-137, 2012
4 Mi-Young Park, Hyen-Woo Seung, Yang-mi Lim, "The Vulnerability Analysis for Virtualization Environment Risk Model Management Systematization," JKSII, Vol. 14, No. 3, pp. 23-33, 2013
5 Sunghyuck Hong, "Vulnerability of Directory List and Countermeasures," Journal of Digital Convergence, Vol. 12, No. 10, pp. 259-264, 2014   DOI
6 Do-Yeon Kim, "Vulnerability Analysis for Industrial Control System Cyber Security," JKIECS, Vol. 9, No. 1, pp. 137-142, 2013
7 Dong-Jin Kim, Sung-Je Cho, "An Analysis of Domestic and Foreign Security Vulnerability Management Systems based on a National Vulnerability Database," Internet and Inormation Security, Vol. 1, No. 2, pp. 130-147, 2011
8 Young-Gi Min, Kab-Seung Ko, "A Designed of Virtual Machine Security Vulnerability Detection Tool in a Cloud Computing Environment," Journal of Security Engineering, Vol. 9, No. 6, pp. 519-530, 2012
9 Jin-Seok Yang, Tai-Myoung Chung, "An Efficient Agent Framework for Host-based Vulnerability Assessment System in Virtualization Environment," KIPS Tr. Comp. and Comm. Sys., Vol. 3, No. 1, pp. 23-30, 2014   DOI
10 Woo-Sung Chun, Dea-Woo Park, "A Study of Security Measures and Vulnerability Analysis on the Application using WiBro Service" JKIICE, Vol. 16, No. 6, pp. 1217-1222, 2012
11 Jang Seung-Ju, "Implementation of User Account Vulnerability Checking Function System using MS-SQL Database," JKIICE, Vol. 18, No. 10, pp. 2482-2488, 2014
12 Ji Hong Kim, Huy Kang Kim, "Automated Attack Path Enumeration Method based on System Vulnerabilities Analysis," JKIISC, Vol. 22, No. 5, pp.1079-1090, 2012
13 http://www.ahnlab.com/kr/site/securityinfo/secunews/secuNewsView.do?seq=18181