• May 03, 2016 News! IJIET Vol. 5, No. 10 has been indexed by EI (Inspec).   [Click]
  • Sep 22, 2017 News!Vol. 7, No. 10 has been indexed by Crossref.
  • Sep 15, 2017 News!Vol. 7, No. 10 issue has been published online!   [Click]
General Information
    • ISSN: 2010-3689
    • Frequency: Bimonthly (2011-2014); Monthly (Since 2015)
    • DOI: 10.18178/IJIET
    • Editor-in-Chief: Prof. Dr. Steve Thatcher
    • Executive Editor: Ms. Nancy Y. Liu
    • Abstracting/ Indexing: EI (INSPEC, IET), Electronic Journals Library, Google Scholar, Crossref and ProQuest
    • E-mail: ijiet@ejournal.net
Editor-in-chief
Prof. Dr. Steve Thatcher
University of South Australia, Australia
It is my honor to be the editor-in-chief of IJIET. The journal publishes good papers which focous on the advanced researches in the field of information and education technology. Hopefully, IJIET will become a recognized journal among the scholars in the filed of information and education technology.
IJIET 2011 Vol.1(3): 206-211 ISSN: 2010-3689
DOI: 10.7763/IJIET.2011.V1.34

ECAT: A CCSS-Based Tool for Enterprise-level System Configuring Automation and Assessment

Bin Wu and Andy Ju An Wang

Abstract—The Common Configuration Scoring System (CCSS) is a set of metrics to evaluate the security level of the severity of software security configuration issues. It is time consuming to generate a CCSS score for a computer system as it requires a large amount of manual operations to perform the evaluation on a machine. As a consequence, it is not practical for a system administrator to evaluate all the machines on an enterprise network one by one with CCSS metrics. This paper proposes a new approach to evaluate security configuration issues at enterprise level. Our solution provides a centralized management framework to remotely monitor and assess the security scores of individual machines on the network. Finally, we provide a set of well defined metrics to evaluate the security influence of the configuration issues at enterprise level. Experiments on a small e-commerce company have demonstrated the great potential of our solution and prototype tool.

Index Terms—ECAT, Enterprise-level Security, Security Metrics, Configuration Evaluation, CCSS.

Bin WU and Andy Ju An WANG, Southern Polytechnic State University, GA, USA

[PDF]

Cite: Bin Wu and Andy Ju An Wang, "ECAT: A CCSS-Based Tool for Enterprise-level System Configuring Automation and Assessment," International Journal of Information and Education Technology vol. 1, no. 3, pp. 206-211, 2011.

Copyright © 2008-2017. International Journal of Information and Education Technology. All rights reserved.
E-mail: ijiet@ejournal.net