Development of information security and vulnerability risk management system for J-PARC

Ishikawa, Hiroyuki; Tate, Akihiro; Murakami, Tadashi*

JAEA-Technology 2011-030, 62 Pages, 2012/02

JAEA-Technology-2011-030.pdf:4.34MB

In the J-PARC network, yet we already have several kinds of systems to detect and protect network information security threats, it is also important and necessary to countermeasure security vulnerabilities or holes at servers connected to the network. For such purposes, server host vulnerability inspection system is suitable. The system scans target server systems, checks running OS and server software versions on them and warns server administrators against known software vulnerabilities, if there exists. However, we suppose that it is not enough to inspect only at once at the server installation time. Regularly server administrators should do inspection, apply software patches according to its result during the server lives. In this point of view, we developed a web portal system to easily control this continual improve process of server side information security countermeasures by server administrators themselves.