A Formal Framework for Patch Management-Reference-Cited by-同舟云学术

A Formal Framework for Patch Management

Published:2013-04 Issue:2 Volume:5 Page:18-31
ISSN:1941-8663
Container-title:International Journal of Interdisciplinary Telecommunications and Networking
language:en
Short-container-title:

Author:

Francia Guillermo A.¹,Kim Kihyun¹,Ahn Byungoh²,Zhou Sen Xin³

Affiliation:

1. Jacksonville State University, Jacksonville, AL, USA

2. Korea Institute for Defense Analyses, Seoul, Korea

3. Anhui University of Finance and Economics, Anhui, China

Abstract

A patch management model provides a framework with which a system’s parameters and behavior can be tested and validated. The authors propose a formal framework that is based on the Continuous Time Markov Chain Model and validate the model using the SHARPE modeling tool. Furthermore, they perform sensitivity analyses to study the dynamic behavior of the proposed model with varying parameter values. A discussion on the results of our study and future research directions concludes the paper.

Publisher

IGI Global

Subject

Computer Networks and Communications

Reference26 articles.

1. Alhazmi, O. H., & Malaiya, Y. K. (2005). Modeling the Vulnerability Discover Process. In Proceedings of the 16th IEEE International Symposium on Software Reliability Engineering (pp.10-138). Las Vegas, NV: IEEE Computer Society Press.

2. Arora, A., Krishnan, R., Nandkumar, A., Telang, R., & Yang, Y. (2004). Impact of vulnerability disclosure and patch availability - Empirical analysis. In Proceedings of the 3rd Annual Workshop on Economics and Information Security (WEIS04). Retrieved January 05, 2013, from https://www.dtc.umn.edu/weis2004/telang.pdf

3. Blue Coat Systems, Inc. (2012). Blue coat systems 2012 web security report. Retrieved January 05, 2013, from http://www.bluecoat.com/sites/default/files/documents/files/BC_2012_Security_Report-v1i-optimized.pdf

4. Bocharov, P. P., D'Apice, C., & Pechinkin, A. V. (2003). Queueing theory. Berlin, Germany: Walter De Gruyter. Retrieved January 31, 2013, from http://www.degruyter.com/view/product/175787

5. Breierova, L., & Choudhari, M. (2001). An introduction to sensitivity analysis. Cambridge, MA: Massachusetts Institute of Technology. Retrieved November 14, 2012, from http://ocw.mit.edu/courses/sloan-school-of-management/15-988-system-dynamics-self-study-fall-1998-spring-1999/readings/sensitivityanalysis.pdf

Cited by 2 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. A Consensus of Thought in Applying Change Management to Information System Environments;International Journal of Information System Modeling and Design;2015-10

2. Internal Control Considerations for Information System Changes and Patches;Advances in Business Information Systems and Analytics;2014