Skip to main content
SpringerLink
Log in

Study on Integrity Verification and Compatibility-Conflict Analysis for Safe Patching

  • Conference paper
  • First Online:
Advanced Multimedia and Ubiquitous Engineering (FutureTech 2017, MUE 2017)

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 448))

  • 2284 Accesses

Abstract

A Patch Management System (PMS) distributes and manages security patches for patch-server agents after collecting the patch files from software vendors. The PMS must account for the integrity and safety of the patch files to prevent huge damage arising from possible security incidents at the agents’ environment. As software vendors cannot consider the patch compatibility of all patch-agent environments, the cause of a compatibility conflict must be analyzed when a patch fails. Existing PMSs manually verify the integrity of the patch files in a test environment. This study presents a method to automate patch testing and application, while monitoring the file modification, and reduce the time needed to analyze compatibility conflicts by using the modified file information.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Secunia: Secunia vulnerability review 2015, March 2015. https://secunia.com/?action=fetch&filename=secunia_vulnerability_review_2015_pdf.pdf

  2. KISA: Major internet incidents of South Korea, October 2013. http://www.kisa.or.kr/uploadfile/201310/201310071957453995.pdf

  3. Zhao, D., Furnell, S.M., Al-Ayed, A.: The research on a patch management system for enterprise vulnerability update. In: WASE International Conference on ICIE 2009, vol. 2, pp. 250–253 (2009)

    Google Scholar 

  4. NIST.SP.800-40r3: Guide to enterprise patch management technologies, July 2013. http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-40r3.pdf

  5. W3C: Extensible Markup Language. http://www.w3.org/xml/

  6. Eastlake III, D., Reagle, J., Solo, D.: (Extensible Markup Language) XML-signature syntax and processing, No. RFC 3275 (2002). https://www.rfc-editor.org/rfc/pdfrfc/rfc3275.txt.pdf

Download references

Acknowledgment

This work was supported by Institute for Information and communications Technology Promotion (IITP) grant funded by the Korea government (MSIP). (No. B0717-16-0099, IoT Security Vulnerabilities Search, Sharing and Testing Technology Development).

Author information

Authors and Affiliations

  1. Department of Computer Science Engineering, Chung-Nam National University, Daehak-ro. 99, 34134, Daejoen, South Korea

    Jeongmin An, Sangmoon Jung & Yoojae Won

Authors
  1. Jeongmin An
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sangmoon Jung
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yoojae Won
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yoojae Won .

Editor information

Editors and Affiliations

  1. Computer Science and Engineering, Seoul National University of Science and Technology, Seoul, Korea (Republic of)

    James J. (Jong Hyuk) Park

  2. School of Computing and Information Sciences, Florida International University, Miami, Florida, USA

    Shu-Ching Chen

  3. Department of Information Systems and Cyber Security, The University of Texas at San Antonio, Adelaide, Australia

    Kim-Kwang Raymond Choo

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

An, J., Jung, S., Won, Y. (2017). Study on Integrity Verification and Compatibility-Conflict Analysis for Safe Patching. In: Park, J., Chen, SC., Raymond Choo, KK. (eds) Advanced Multimedia and Ubiquitous Engineering. FutureTech MUE 2017 2017. Lecture Notes in Electrical Engineering, vol 448. Springer, Singapore. https://doi.org/10.1007/978-981-10-5041-1_32

Download citation

  • DOI: https://doi.org/10.1007/978-981-10-5041-1_32

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-5040-4

  • Online ISBN: 978-981-10-5041-1

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation