Patch Integrity Verification Method Using Dual Electronic Signatures

  • Kim, JunHee (Dept. of Computer Science Engineering, Chungnam National University)
  • Won, Yoojae (Dept. of Computer Science Engineering, Chungnam National University)
  • Received: 2017.04.03
  • Reviewed: 2017.08.27
  • Published: 2017.12.31

Abstract

Many organizations today use patch management systems to manage software vulnerabilities uniformly. However, a patch management system does not guarantee the integrity of a patch while it is being delivered to the client. In this paper, we propose a method that guarantees patch integrity through dual electronic signatures. The primary distribution server applies the first digital signature, and the secondary distribution server applies the second digital signature. The dual electronic signature ensures that the patch has not been forged or falsified during transmission, so that the client can verify that the patch it receives is a legitimate patch. Dual electronic signatures can enhance the security of the patch management system, providing a secure environment for clients.
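The following Go sketch is an added example, not code from the paper: it shows one way a two-server signature chain and the client-side check could fit together. The abstract does not specify the algorithms or what each signature covers, so Ed25519, SHA-256, the choice to have the second signature cover the patch digest plus the first signature, and all type and function names are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SignedPatch is a hypothetical container: the patch plus both signatures.
type SignedPatch struct {
	Patch []byte
	Sig1  []byte // primary distribution server, over SHA-256(patch)
	Sig2  []byte // secondary distribution server, over SHA-256(patch) || Sig1
}

// PrimarySign produces the first signature over the patch digest.
func PrimarySign(priv ed25519.PrivateKey, patch []byte) SignedPatch {
	d := sha256.Sum256(patch)
	return SignedPatch{Patch: patch, Sig1: ed25519.Sign(priv, d[:])}
}

// SecondarySign verifies the first signature before countersigning (assumed design).
func SecondarySign(priv ed25519.PrivateKey, primaryPub ed25519.PublicKey, sp SignedPatch) (SignedPatch, error) {
	d := sha256.Sum256(sp.Patch)
	if !ed25519.Verify(primaryPub, d[:], sp.Sig1) {
		return sp, errors.New("first signature invalid")
	}
	sp.Sig2 = ed25519.Sign(priv, append(d[:], sp.Sig1...))
	return sp, nil
}

// ClientVerify accepts the patch only if both signatures verify.
func ClientVerify(primaryPub, secondaryPub ed25519.PublicKey, sp SignedPatch) error {
	d := sha256.Sum256(sp.Patch)
	if !ed25519.Verify(primaryPub, d[:], sp.Sig1) ||
		!ed25519.Verify(secondaryPub, append(d[:], sp.Sig1...), sp.Sig2) {
		return errors.New("patch rejected: a signature failed")
	}
	return nil
}

func main() {
	pub1, priv1, _ := ed25519.GenerateKey(nil)
	pub2, priv2, _ := ed25519.GenerateKey(nil)
	sp, _ := SecondarySign(priv2, pub1, PrimarySign(priv1, []byte("constructed patch bytes")))
	fmt.Println("intact:", ClientVerify(pub1, pub2, sp))
	sp.Patch[0] ^= 1 // constructed tampering after both signatures
	fmt.Println("tampered:", ClientVerify(pub1, pub2, sp))
}
```

In this sketch the client must hold both servers' public keys out of band; a patch re-signed by an unknown secondary key is rejected even when the first signature is genuine.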
