CN103049702A - Server layer based security reinforcing strategy - Google Patents


Info

Publication number
CN103049702A
Authority
CN
China
Prior art keywords
protection
server
security
file
service
Prior art date
Legal status
Pending
Application number
CN2013100017243A
Other languages
Chinese (zh)
Inventor
梁吉林
Current Assignee
Inspur Electronic Information Industry Co Ltd
Original Assignee
Inspur Electronic Information Industry Co Ltd
Priority date
2013-01-05
Filing date
2013-01-05
Publication date
2013-04-17

Abstract

The invention discloses a server layer based security reinforcing strategy and belongs to the field of server system security. A Linux system is adopted for a server system and is used for respectively performing pre-event protection, in-process protection and post-event protection for hazardous events of the server system so as to reinforce the server system layer by layer, wherein pre-event protection refers to that the core of the server system is reinforced by the aid of an administrator authentication mechanism, a file security protection mechanism and a process and service security protection mechanism; in-process protection depends on a monitoring mechanism to detect, and the monitoring mechanism is capable of timely detecting hazards when the hazardous events happen; and post-event protection refers to an auditing process of the whole hazardous events through an auditing mechanism and by means of tracing and backtracking to search reasons and processes of the hazardous events. The server layer based security reinforcing strategy is a security reinforcing protection strategy aiming at the core layer of server system software so as to reinforce security protection of a server layer.

Description

Security hardening strategy based on the server layer
 
Technical field
The present invention relates to the field of server system security, and specifically to a security hardening strategy based on the server layer.
Background technology
The current information technology architecture is broadly divided into four parts: infrastructure (servers, storage, etc.) -> security management (network, data, etc.) -> network device management (routers, switches, etc.) -> applications (e-mail, office, etc.). Most construction budgets have gone into infrastructure and applications, and investment in security management is clearly insufficient. What security investment there is has also been concentrated on two areas, network perimeter security and PC terminal security; the data leaks that keep occurring at major companies show that this alone cannot guarantee the security of data.
While attention has always been placed on protecting the network boundary and PC terminals, an important problem has been overlooked: wherever an attack comes from, its target is the same, namely the terminal server that carries the information service. Beyond protecting the network boundary and PC terminals, protecting the server is equally a top priority; only when security protection is applied all the way from the front end to the back end can the security of information data truly be guaranteed.
Traditional security protection strategies basically fall into two kinds, firewalls and antivirus software. A firewall is a hardware-layer protection, and antivirus software mostly deals with security problems that have already arisen. The prior art has no protection aimed at the core layer of the server system software.
Summary of the invention
The technical task of the present invention is to provide a security hardening protection strategy for the core layer of server system software, a security hardening strategy based on the server layer that strengthens the security protection of the server layer.
The technical task of the present invention is achieved as follows. The server system runs a Linux system, and pre-event protection, in-process protection and post-event protection are applied in turn to hazardous events of the server system, so that the server system is hardened layer by layer. Pre-event protection hardens the core of the server system through an administrator authentication mechanism, a file security protection mechanism, and a process and service security protection mechanism. In-process protection relies on a monitoring mechanism, which detects the danger promptly when a hazardous event occurs. Post-event protection is the auditing of the whole hazardous event by an audit mechanism, tracing back to find the cause and course of the hazardous event.
In pre-event protection:
1. The administrator authentication mechanism comprises: (1) setting the root password and ensuring password strength; (2) verification with a specific hardware USB-KEY; (3) marking, in the server system's passwd file, the clients that are permitted to operate, with passwd verification performed on connection; (4) forbidding remote (Telnet) login for the root user.
2. The file security protection mechanism comprises: (1) setting file and directory permissions, and verifying the permissions of the owning user and group before a call; (2) adding an unchangeable attribute to the files under /kernel, so that a root misoperation cannot damage critical files; (3) disabling the scripts under /etc/rc.d/ that do not need to run, to reduce security vulnerabilities; (4) forbidding non-root users from using the CDROM and from mounting removable file systems; (5) making log files writable and readable but not deletable; (6) setting the trusted host list /etc/hosts.allow and the untrusted host list /etc/hosts.deny; (7) reducing the history record size and deleting the history after the user logs out.
3. The process and service security protection mechanism comprises: (1) root designates trusted processes, and the designated processes are placed under security protection; operations by non-root users on a trusted process are rejected, and the system logs the MARK address of the actor together with the log information; (2) root designates the services in use, the system protects the designated services and rejects all non-secure operations on the system's trusted services, and the MARK address of the end that issued the operation is recorded in the log; (3) setting the permission to enable new services, so that only root has permission to add and enable services; (4) cancelling all unneeded services: close all services except the basic services, then enable the required services one by one.
In pre-event protection, the steps of the administrator authentication mechanism are: (1) administrator authentication begins; (2) the login mode is verified: remote (Telnet) login for the root user is forbidden, so a remote login exits and a non-remote login passes to the next step; (3) hardware USB-KEY verification is performed: if it fails, exit; if it passes, go to the next step; (4) passwd verification checks whether the client is one of the pre-set permitted clients: if it fails, exit; if it passes, go to the next step; (5) server system management is entered.
In in-process protection, the monitoring mechanism comprises: (1) port monitoring: the server is monitored, any host found to be port-scanning the server is added to the untrusted list, and a danger log is recorded; (2) login timeout monitoring: a TIMEOUT value is set, timing begins after a user logs in, and if there is no action for longer than the TIMEOUT value the user is logged out automatically; (3) process monitoring: the processes in the system are monitored, and a process that modifies or affects configuration files or system core files is logged.
In post-event protection, the audit mechanism comprises: (1) building an audit system and adding audit rules and viewers to collect danger data, in order to generate audit reports and search logs; (2) collecting the logs of port detection, process monitoring and timeout monitoring, classifying the danger log records, and generating the audit log; (3) analysing the generated audit reports and logs, and correcting the hidden unsafe factors in the system.
The security hardening strategy based on the server layer of the present invention has the following advantages: it is a protection for the system software core layer, finer-grained than antivirus software, and what it blocks is the source from which unsafe factors arise in the system; compared with a firewall it saves resources and cost; and it is a series of security correction strategies for the security defects left in Linux systems. It therefore has good application value.
Description of drawings
The present invention is further described below with reference to the accompanying drawings.
Figure 1 is a block diagram of a security hardening strategy based on the server layer;
Figure 2 is a flow chart of the administrator authentication mechanism of the security hardening strategy based on the server layer.
Embodiment
The security hardening strategy based on the server layer of the present invention is explained below with reference to the drawings of the description and a specific embodiment.
Embodiment:
In the security hardening strategy based on the server layer of the present invention, the server system runs a Linux system, and pre-event protection, in-process protection and post-event protection are applied in turn to hazardous events of the server system, so that the server system is hardened layer by layer. Pre-event protection hardens the core of the server system through an administrator authentication mechanism, a file security protection mechanism, and a process and service security protection mechanism. In-process protection relies on a monitoring mechanism, which detects the danger promptly when a hazardous event occurs. Post-event protection is the auditing of the whole hazardous event by an audit mechanism, tracing back to find the cause and course of the hazardous event.
In pre-event protection:
1. The administrator authentication mechanism comprises: (1) setting the root password and ensuring password strength; (2) verification with a specific hardware USB-KEY; (3) marking, in the server system's passwd file, the clients that are permitted to operate, with passwd verification performed on connection; (4) forbidding remote (Telnet) login for the root user.
2. The file security protection mechanism comprises: (1) setting file and directory permissions, and verifying the permissions of the owning user and group before a call; (2) adding an unchangeable attribute to the files under /kernel, so that a root misoperation cannot damage critical files; (3) disabling the scripts under /etc/rc.d/ that do not need to run, to reduce security vulnerabilities; (4) forbidding non-root users from using the CDROM and from mounting removable file systems; (5) making log files writable and readable but not deletable; (6) setting the trusted host list /etc/hosts.allow and the untrusted host list /etc/hosts.deny; (7) reducing the history record size and deleting the history after the user logs out.
3. The process and service security protection mechanism comprises: (1) root designates trusted processes, and the designated processes are placed under security protection; operations by non-root users on a trusted process are rejected, and the system logs the MARK address of the actor together with the log information; (2) root designates the services in use, the system protects the designated services and rejects all non-secure operations on the system's trusted services, and the MARK address of the end that issued the operation is recorded in the log; (3) setting the permission to enable new services, so that only root has permission to add and enable services; (4) cancelling all unneeded services: close all services except the basic services, then enable the required services one by one.
In pre-event protection, the steps of the administrator authentication mechanism are: (1) administrator authentication begins; (2) the login mode is verified: remote (Telnet) login for the root user is forbidden, so a remote login exits and a non-remote login passes to the next step; (3) hardware USB-KEY verification is performed: if it fails, exit; if it passes, go to the next step; (4) passwd verification checks whether the client is one of the pre-set permitted clients: if it fails, exit; if it passes, go to the next step; (5) server system management is entered.
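The ordered checks of this flow chart (Figure 2), written as an added Python example that is not code from the patent or from Inspur: the LoginAttempt fields, the list of registered USB-KEY serials and the list of permitted clients are assumptions standing in for the hardware USB-KEY check and the markings in the passwd file; each failed step exits the flow and leaves a log record, as the steps above require.

```python
from dataclasses import dataclass, field


@dataclass
class LoginAttempt:
    user: str
    remote: bool           # True for a Telnet/remote session, False for the console
    usb_key_serial: str    # serial presented by the hardware USB-KEY (assumed model)
    client: str            # identifier of the connecting client (assumed model)


@dataclass
class GateResult:
    allowed: bool
    stage: str             # stage reached: login-mode, usb-key, client, management
    log: list = field(default_factory=list)


class AdminGate:
    """Steps (2) to (5) of the flow chart, checked in order; a failed step exits.
    registered_keys stands in for USB-KEY verification and allowed_clients for the
    clients marked as permitted in passwd (both assumptions of this example)."""

    def __init__(self, registered_keys, allowed_clients):
        self.registered_keys = set(registered_keys)
        self.allowed_clients = set(allowed_clients)

    def check(self, a):
        log = [f"admin auth: user={a.user} client={a.client} remote={a.remote}"]
        # (2) login mode: root may not log in remotely
        if a.user == "root" and a.remote:
            log.append("exit: remote login of root is forbidden")
            return GateResult(False, "login-mode", log)
        # (3) hardware USB-KEY verification
        if a.usb_key_serial not in self.registered_keys:
            log.append(f"exit: USB-KEY {a.usb_key_serial} not registered")
            return GateResult(False, "usb-key", log)
        # (4) passwd verification of the client against the pre-set list
        if a.client not in self.allowed_clients:
            log.append(f"exit: client {a.client} is not a permitted client")
            return GateResult(False, "client", log)
        # (5) enter server system management
        log.append("pass: entering server system management")
        return GateResult(True, "management", log)


if __name__ == "__main__":
    gate = AdminGate(registered_keys=["KEY-0001"], allowed_clients=["console", "mgmt-01"])
    for attempt in (LoginAttempt("root", True, "KEY-0001", "mgmt-01"),
                    LoginAttempt("root", False, "KEY-0001", "console")):
        result = gate.check(attempt)
        print(result.stage, result.allowed, result.log[-1])
```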
In in-process protection, the monitoring mechanism comprises: (1) port monitoring: the server is monitored, any host found to be port-scanning the server is added to the untrusted list, and a danger log is recorded; (2) login timeout monitoring: a TIMEOUT value is set, timing begins after a user logs in, and if there is no action for longer than the TIMEOUT value the user is logged out automatically; (3) process monitoring: the processes in the system are monitored, and a process that modifies or affects configuration files or system core files is logged.
In post-event protection, the audit mechanism comprises: (1) building an audit system and adding audit rules and viewers to collect danger data, in order to generate audit reports and search logs; (2) collecting the logs of port detection, process monitoring and timeout monitoring, classifying the danger log records, and generating the audit log; (3) analysing the generated audit reports and logs, and correcting the hidden unsafe factors in the system.
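An added Python example (not the patent's or Inspur's own code) of the in-process monitoring and post-event audit mechanisms described here and in the summary: it runs the port-scan, login-timeout and process checks over constructed log lines, renders the untrusted list in /etc/hosts.deny syntax, and classifies the resulting danger records into an audit report. The log line format, the threshold of 5 distinct ports in 10 seconds, the 15-minute TIMEOUT and the protected path prefixes are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log in a simplified "<iso-time> <kind> key=value ..." form;
# the line format and field names are assumptions of this example.
SAMPLE_LOG = """\
2013-01-05T10:00:01 conn src=203.0.113.7 dport=22
2013-01-05T10:00:02 conn src=203.0.113.7 dport=23
2013-01-05T10:00:02 conn src=203.0.113.7 dport=25
2013-01-05T10:00:03 conn src=203.0.113.7 dport=80
2013-01-05T10:00:03 conn src=203.0.113.7 dport=443
2013-01-05T10:00:10 conn src=198.51.100.4 dport=22
2013-01-05T10:00:20 login user=admin tty=pts/0
2013-01-05T10:00:30 action user=admin tty=pts/0
2013-01-05T10:01:00 proc pid=4242 comm=vi path=/etc/passwd op=write
2013-01-05T10:01:05 proc pid=4243 comm=cat path=/var/log/messages op=read
2013-01-05T10:05:00 conn src=198.51.100.4 dport=22
"""

# Configuration and core-file prefixes watched by process monitoring (assumed).
PROTECTED_PATHS = ("/etc/", "/boot/", "/kernel/")


def parse_log(text):
    """Turn log lines into (timestamp, kind, fields) tuples sorted by time."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        stamp, kind, *pairs = line.split()
        fields = dict(pair.split("=", 1) for pair in pairs)
        events.append((datetime.fromisoformat(stamp), kind, fields))
    return sorted(events, key=lambda e: e[0])


def detect_port_scans(events, threshold=5, window=timedelta(seconds=10)):
    """Port monitoring: a source that touches >= threshold distinct ports within
    the window is treated as a scanner. Returns (untrusted hosts, danger records)."""
    hits = defaultdict(list)            # src -> [(time, dport), ...]
    untrusted, records = set(), []
    for ts, kind, f in events:
        if kind != "conn":
            continue
        src = f["src"]
        hits[src].append((ts, f["dport"]))
        recent = {port for t, port in hits[src] if ts - t <= window}
        if len(recent) >= threshold and src not in untrusted:
            untrusted.add(src)
            records.append({"category": "port", "subject": src,
                            "detail": f"{len(recent)} ports in {window.seconds}s"})
    return untrusted, records


def hosts_deny_lines(untrusted):
    """Render the untrusted host list in /etc/hosts.deny (TCP wrappers) syntax."""
    return [f"ALL: {host}" for host in sorted(untrusted)]


def check_idle_sessions(events, now, timeout=timedelta(minutes=15)):
    """Login timeout monitoring: sessions with no action for longer than
    TIMEOUT are logged out automatically and a danger record is kept."""
    last_action = {}
    for ts, kind, f in events:
        if kind in ("login", "action"):
            last_action[(f["user"], f["tty"])] = ts
    return [{"category": "timeout", "subject": tty,
             "detail": f"{user} idle since {ts.isoformat()}, auto-logout"}
            for (user, tty), ts in last_action.items() if now - ts > timeout]


def detect_core_file_writes(events):
    """Process monitoring: record processes that write configuration or core files."""
    return [{"category": "process", "subject": f["comm"],
             "detail": f"pid {f['pid']} wrote {f['path']}"}
            for _, kind, f in events
            if kind == "proc" and f["op"] == "write"
            and f["path"].startswith(PROTECTED_PATHS)]


def audit_report(records):
    """Post-event audit: classify the collected danger records by category."""
    report = defaultdict(list)
    for rec in records:
        report[rec["category"]].append(f'{rec["subject"]}: {rec["detail"]}')
    return dict(report)


def run(log_text=SAMPLE_LOG, now=datetime(2013, 1, 5, 10, 20)):
    """Run the three monitors and the audit step; returns (deny lines, report)."""
    events = parse_log(log_text)
    untrusted, danger = detect_port_scans(events)
    danger += check_idle_sessions(events, now)
    danger += detect_core_file_writes(events)
    return hosts_deny_lines(untrusted), audit_report(danger)
```

Calling `run()` on the sample log denies the scanning host only; the repeated connections from 198.51.100.4 to a single port stay below the distinct-port threshold.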
Apart from the technical features described in the specification, the security hardening strategy based on the server layer of the present invention uses technology known to those skilled in the art.

Claims (5)

1. A security hardening strategy based on the server layer, characterized in that the server system runs a Linux system, and pre-event protection, in-process protection and post-event protection are applied in turn to hazardous events of the server system, so that the server system is hardened layer by layer; pre-event protection hardens the core of the server system through an administrator authentication mechanism, a file security protection mechanism, and a process and service security protection mechanism; in-process protection relies on a monitoring mechanism, which detects the danger promptly when a hazardous event occurs; and post-event protection is the auditing of the whole hazardous event by an audit mechanism, tracing back to find the cause and course of the hazardous event.
2. The security hardening strategy based on the server layer according to claim 1, characterized in that, in pre-event protection,
the administrator authentication mechanism comprises: (1) setting the root password and ensuring password strength; (2) verification with a hardware USB-KEY; (3) marking, in the server system's passwd file, the clients that are permitted to operate, with passwd verification performed on connection; (4) forbidding remote (Telnet) login for the root user;
the file security protection mechanism comprises: (1) setting file and directory permissions, and verifying the permissions of the owning user and group before a call; (2) adding an unchangeable attribute to the files under /kernel, so that a root misoperation cannot damage critical files; (3) disabling the scripts under /etc/rc.d/ that do not need to run, to reduce security vulnerabilities; (4) forbidding non-root users from using the CDROM and from mounting removable file systems; (5) making log files writable and readable but not deletable; (6) setting the trusted host list /etc/hosts.allow and the untrusted host list /etc/hosts.deny; (7) reducing the history record size and deleting the history after the user logs out;
the process and service security protection mechanism comprises: (1) root designates trusted processes, and the designated processes are placed under security protection; operations by non-root users on a trusted process are rejected, and the system logs the MARK address of the actor together with the log information; (2) root designates the services in use, the system protects the designated services and rejects all non-secure operations on the system's trusted services, and the MARK address of the end that issued the operation is recorded in the log; (3) setting the permission to enable new services, so that only root has permission to add and enable services; (4) cancelling all unneeded services: close all services except the basic services, then enable the required services one by one.
3. The security hardening strategy based on the server layer according to claim 1 or 2, characterized in that, in pre-event protection, the steps of the administrator authentication mechanism are: (1) administrator authentication begins; (2) the login mode is verified: remote (Telnet) login for the root user is forbidden, so a remote login exits and a non-remote login passes to the next step; (3) hardware USB-KEY verification is performed: if it fails, exit; if it passes, go to the next step; (4) passwd verification checks whether the client is one of the pre-set permitted clients: if it fails, exit; if it passes, go to the next step; (5) server system management is entered.
4. The security hardening strategy based on the server layer according to claim 1, characterized in that, in in-process protection, the monitoring mechanism comprises: (1) port monitoring: the server is monitored, any host found to be port-scanning the server is added to the untrusted list, and a danger log is recorded; (2) login timeout monitoring: a TIMEOUT value is set, timing begins after a user logs in, and if there is no action for longer than the TIMEOUT value the user is logged out automatically; (3) process monitoring: the processes in the system are monitored, and a process that modifies or affects configuration files or system core files is logged.
5. The security hardening strategy based on the server layer according to claim 1, characterized in that, in post-event protection, the audit mechanism comprises: (1) building an audit system and adding audit rules and viewers to collect danger data, in order to generate audit reports and search logs; (2) collecting the logs of port detection, process monitoring and timeout monitoring, classifying the danger log records, and generating the audit log; (3) analysing the generated audit reports and logs, and correcting the hidden unsafe factors in the system.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2013100017243A CN103049702A (en) 2013-01-05 2013-01-05 Server layer based security reinforcing strategy

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2013100017243A CN103049702A (en) 2013-01-05 2013-01-05 Server layer based security reinforcing strategy

Publications (1)

Publication Number Publication Date
CN103049702A true CN103049702A (en) 2013-04-17

Family

ID=48062335

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2013100017243A Pending CN103049702A (en) 2013-01-05 2013-01-05 Server layer based security reinforcing strategy

Country Status (1)

Country Link
CN (1) CN103049702A (en)


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20130417