Use this URL to cite or link to this record in EThOS: http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.573869
Title: Exploring the automatic identification and resolution of software vulnerabilities in grid-based environments
Author: Muhammad, Jan
Awarding Body: University of Glasgow
Current Institution: University of Glasgow
Date of Award: 2013
Availability of Full Text:
Access through EThOS:
Access through Institution:
Abstract:
Security breaches occur due to system vulnerabilities with numerous reasons including; erro- neous design (human errors), management or implementation errors. Vulnerabilities are the weaknesses that allow an attacker to violate the integrity of a system. To address this, system administrators and security professionals typically employ tools to determine the existence of vulerabilities. Security breaches can be dealt with through reactive or proactive methods. Reactive approaches are passive, in which when a breach occurs, site administrators respond to provide damage control, tracking down how the attacker got in, resolving the vulnerability and fixing the system. On the other hand, proactive approaches preemptively discover and fix vulnerabilities in their systems and networks before attacks can occur. For many research and business areas, organizations need to collaborate with peers by sharing their resources (storage servers, clusters, databases etc). This is often achieved through formation of Virtual Organisations (VO). For successful operation of such endeavors, security is a key issue and system configuration is vital. A faulty or incomplete configuration of a given site can cause hinderances to their normal operation and indeed be a threat to the whole VO. Management of such infrastructures is complex since they should ideally address the overall configuration and management of a dynamic set of VO-specific resources across multiple sites, as well as configuration and management of the underlying infrastructure upon which the VO exists - referred to in this thesis as the fabric. This thesis investigates the feasibility of using a proactive approach towards detecting vulner- abilities across VO resources. First, it investigates whether vulnerability assessment tools can preemptively help in detecting fabric level weaknesses. Then it explores how the combination of advanced authorisation infrastructures with configuration management tools can allow distributed site administrators to address the challenges associated with vulnerabilities. The primary contribution of this work is a novel approach for vulnerability management which addresses the specific challenges facing VO-wide security and incorporation of fabric man- agement security considerations.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.573869  DOI: Not available
Keywords: QA75 Electronic computers. Computer science
Share: