International Journal of Computer Science & Network Security

International Journal of Computer Science & Network Security (국제컴퓨터통신보호논문지학회)
권호 표지
DOI QR코드

DOI QR Code

Cost Management for Security Applications

  • Arshi Naim (Department of Information Systems, College of Computer Science, King Khalid University) ;
  • Zubairul Hasan (University of Lucknow)
  • Received : 2024.07.05
  • Published : 2024.07.30
Download PDF
⟨ Previous Next ⟩

Abstract

This is an extended paper, focusing on the cost management for the organizations dealing with the crucial issues of security systems. Information Technology (IT) is an important and irreplaceable need of society and all working sector's success depends on IT to a greater extent; therefore maintaining security features is one of the most important aspects of IT. When security in the IT sector is discussed, Patch Management (P.Mgnt) has to be taken under account. P. Mgnt includes many concerns and areas to be described for IT security such as methods and problems in updating patch, methods of reducing security risks with P.Mgnt, methods of achieving economies of scale by controlling the operational costs and taking decisions in investing as and when necessary. This paper presents a general definition of Patch management, its benefits and management of working cost through theoretical models, also the paper gives methods of feeding techniques for microstrip patch antenna MPA, showing the contracting and non contracting methods.

Keywords

References

  1. Dey, D., Lahiri, A., & Zhang, G. (2015). Optimal policies for security patch management. INFORMS Journal on Computing, 27(3), 462-477.
  2. Martini, B., & Choo, K. K. R. (2014). Building the next generation of cyber security professionals. Martini B and Choo KK R.
  3. Wang, B., Li, X., de Aguiar, L. P., Menasche, D. S., & Shafiq, Z. (2017). Characterizing and modeling patching practices of industrial control systems. Proceedings of the ACM on Measurement and Analysis of Computing Systems, 1(1), 1-23
  4. Force, J. T. (2017). Security and Privacy Controls for Information Systems and Organizations (No. NIST Special Publication (SP) 800-53 Rev. 5 (Draft)). National Institute of Standards and Technology.
  5. Chatterjee, S., & Thekdi, S. (2020). An iterative learning and inference approach to managing dynamic cyber vulnerabilities of complex systems. Reliability engineering & system safety, 193, 106664.
  6. Alshawish, A., & de Meer, H. (2019, June). Risk-based decision-support for vulnerability remediation in electric power networks. In Proceedings of the Tenth ACM International Conference on Future Energy Systems (pp. 378-380).
  7. Souppaya, M., & Scarfone, K. (2013). Guide to enterprise patch management technologies. NIST Special Publication, 800, 40.
  8. Hassani, P. (2020). Implementing Patch Management Process.
  9. Gauci, A., Michelin, S., & Salles, M. (2017). Addressing the challenge of cyber security maintenance through patch management. CIRED-Open Access Proceedings Journal, 2017(1), 2599-2601.
  10. Sihvonen, H. M., & Jantti, M. (2010, August). Improving release and patch management processes: An empirical case study on process challenges. In 2010 Fifth International Conference on Software Engineering Advances (pp. 232-237). IEEE.
  11. Segre, H., Carmel, Y., Segoli, M., Tchetchik, A., Renan, I., Perevolotsky, A., ... & Shwartz, A. (2019). Cost-effectiveness of uncultivated field-margins and semi-natural patches in Mediterranean areas: A multi-taxa, landscape scale approach. Biological Conservation, 240, 108262.
  12. Nunez, Y., Gustavson, F., Grossman, F., & Tappert, C. (2010, June). Designing a distributed patch management security system. In 2010 International Conference on Information Society (pp. 162-167). IEEE.
  13. Song, K. T., Kim, S. I., & Kim, S. H. (2021). A Design of Improvement Method of Central Patch Controlled Security Platform Using Blockchain. In Advances in Computer Science and Ubiquitous Computing (pp. 555-561). Springer, Singapore.
  14. Dissanayake, N., Jayatilaka, A., Zahedi, M., & Babar, M. A. (2020). Software Security Patch Management--A Systematic Literature Review of Challenges, Approaches, Tools and Practices. arXiv preprint arXiv:2012.00544.
  15. Mohlenhoff, K. A., & Codding, B. F. (2017). When does it pay to invest in a patch? The evolution of intentional niche construction. Evolutionary Anthropology: Issues, News, and Reviews, 26(5), 218-227.
  16. Lee, J. H., & Kim, H. (2017). Security and privacy challenges in the internet of things [security and privacy matters]. IEEE Consumer Electronics Magazine, 6(3), 134-136.
  17. Gauci, A., Michelin, S., & Salles, M. (2017). Addressing the challenge of cyber security maintenance through patch management. CIRED-Open Access Proceedings Journal, 2017(1), 2599-2601.
  18. Kim, J., Sohn, M., & Won, Y. (2017). An Automatic Patch Management System with Improved Security. In Advanced Multimedia and Ubiquitous Engineering (pp. 74-80). Springer, Singapore.
  19. Monperrus, M. (2014, May). A critical review of" automatic patch generation learned from human-written patches": Essay on the problem statement and the evaluation of automatic software repair. In Proceedings of the 36th International Conference on Software Engineering (pp. 234-242).
  20. DeLuzio, C. (2019). Procurement Guide for Better Election Cybersecurity. New York: New York University School of Law.
  21. Naim, A. (2020). Realization of diverse Electronic tools in learning and teaching for students with diverse skills. Global Journal of Enterprise Information System, 12(1), 72-78.
  22. Humble, J., & Farley, D. (2010). Continuous delivery: reliable software releases through build, test, and deployment automation. Pearson Education.
  23. Sotres, P., Santana, J. R., Sanchez, L., Lanza, J., & Munoz, L. (2017). Practical lessons from the deployment and management of a smart city internet-of-things infrastructure: The smartsantander testbed case. IEEE Access, 5, 14309- 14322.
  24. Kaur, N., & Malhotra, S. (2016, October). A review on significance of design parameters of microstrip patch antennas. In 2016 5th International Conference on Wireless Networks and Embedded Systems (WECON) (pp. 1-6). IEEE.
  25. Naim, A., Khan, M. F., Hussain, M. R., & Khan, N. (2019). "Virtual Doctor" Management Technique in the Diagnosis of ENT Diseases. JOE, 15(9), 88.