Home > Published Issues > 2010 > Volume 5, No. 1, January 2010 >

Optimal Security Patch Management Policies Maximizing System Availability

Toshikazu Uemura and Tadashi Dohi
Department of Information Engineering Hiroshima University, Higashi-Hiroshima, Japan

Abstract—In this paper we quantitatively evaluate dependability/ security of a computer-based system subject to Denial of Service (DoS) attacks. More specifically, we develop two semi-Markov models for describing the stochastic behavior of systems with different security patch release strategies. The optimal security patch management policies are then formulated and analytically derived to maximize the steadystate system availability. We further perform the sensitivity analysis of model parameters through numerical experiments and refer to the effectiveness of our preventive patch management policies.

Index Terms—Security evaluation, availability, patch management policy, semi-Markov model, analytical approach.
 

Cite: Toshikazu Uemura and Tadashi Dohi, "Optimal Security Patch Management Policies Maximizing System Availability," Journal of Communications, vol. 5, no. 1, pp.71-80, 2010. Doi: 10.4304/jcm.5.1.71-80