Journal of Information Processing Systems

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

A Design for a Hyperledger Fabric Blockchain-Based Patch-Management System

  • Song, Kyoung-Tack (Dept. of IT Convergence Software Engineering, Korea University of Technology and Education) ;
  • Kim, Shee-Ihn (Dept. of IT Convergence Software Engineering, Korea University of Technology and Education) ;
  • Kim, Seung-Hee (Dept. of IT Convergence Software Engineering, Korea University of Technology and Education)
  • Received : 2019.11.12
  • Accepted : 2020.02.11
  • Published : 2020.04.30
Download PDF
⟨ Previous Next ⟩

Abstract

An enterprise patch-management system (PMS) typically supplies a single point of failure (SPOF) of centralization structure. However, a Blockchain system offers features of decentralization, transaction integrity, user certification, and a smart chaincode. This study proposes a Hyperledger Fabric Blockchain-based distributed patch-management system and verifies its technological feasibility through prototyping, so that all participating users can be protected from various threats. In particular, by adopting a private chain for patch file set management, it is designed as a Blockchain system that can enhance security, log management, latest status supervision and monitoring functions. In addition, it uses a Hyperledger Fabric that owns a practical Byzantine fault tolerant consensus algorithm, and implements the functions of upload patch file set, download patch file set, and audit patch file history, which are major features of PMS, as a smart contract (chaincode), and verified this operation. The distributed ledger structure of Blockchain-based PMS can be a solution for distributor and client authentication and forgery problems, SPOF problem, and distribution record reliability problem. It not only presents an alternative to dealing with central management server loads and failures, but it also provides a higher level of security and availability.

Keywords

References

  1. S. Rathore, Y. Pan, and J. H. Park, "BlockDeepNet: a Blockchain-based secure deep learning for IoT network," Sustainability, vol. 11, no.14, article no. 3974, 2019.
  2. S. Rathore, B. W. Kwon, and J. H. Park, "BlockSecIoTNet: Blockchain-based decentralized security architecture for IoT network," Journal of Network and Computer Applications, vol. 143, pp. 167-177, 2019. https://doi.org/10.1016/j.jnca.2019.06.019
  3. P. K. Sharma, S. Y. Moon, and J. H. Park, "Block-VN: a distributed Blockchain based vehicular network architecture in smart city," Journal of Information Processing Systems, vol. 13, no. 1, pp. 184-195, 2017. https://doi.org/10.3745/JIPS.03.0065
  4. Y. Sung and J. H. Park, "Future trends of Blockchain and crypto currency: challenges, opportunities, and solutions," Journal of Information Processing Systems, vol. 15, no. 3, pp. 457-463, 2019. https://doi.org/10.3745/jips.03.0115
  5. C. Dennis, "Why is patch management necessary?," Network Security, vol. 2018, no.7, pp. 9-13, 2018. https://doi.org/10.1016/S1353-4858(18)30068-0
  6. S. Liu, R. Kuhn, and H. Rossman, "Surviving insecure it: effective patch management," IT Professional, vol. 11, no. 2, pp. 49-51, 2009. https://doi.org/10.1109/MITP.2009.38
  7. T. Gerace and H. Cavusoglu, "The critical elements of patch management," in Proceedings of the 33rd Annual ACM SIGUCCS Conference on User services, Monterey, CA, 2005, pp. 98-101.
  8. C. Higby and M. Bailey "Wireless security patch management system," in Proceedings of the 5th Conference on Information Technology Education, Salt Lake City, UT, 2004, pp. 165-168.
  9. I. Y. Lee, S. Y. Lee, J. S. Moon, and J. I. Lim, "A study on efficient component in patch management system," in Proceedings of the Korean Society of Broad Engineers Conference, 2008, pp. 21-24.
  10. S. Nakamoto, "Bitcoin: a peer-to-peer electronic cash system," 2008; https://git.dhimmel.com/bitcoinwhitepaper/.
  11. Y. J. Kim, S. W. Lee, T. S. Sohn, J. S. Moon, J. T. Seo, J. B. Yun, and E. K. Park, "Design the classed patch distribution system framework considering the extension," in Proceedings of the Korean Institute of Information Science Society Conference, 2004, pp. 199-201.
  12. H. Cavusoglu, H. Cavusoglu, and J. Zhang, "Security patch management: Share the burden or share the damage?," Management Science, vol. 54, no. 4, pp. 657-670, 2008. https://doi.org/10.1287/mnsc.1070.0794
  13. Y. Kim, S. Na, H. Kim, and Y. Won, "Automatic patch information collection system using web crawler," Journal of The Korea Institute of Information Security and Cryptology, vol. 28, no. 6, pp. 1393-1399, 2018. https://doi.org/10.13089/JKIISC.2018.28.6.1393
  14. J. Muhammad and R. O. Sinnott, "Policy-driven patch management for distributed environments," in Proceedings of 2009 3rd International Conference on Network and System Security, Gold Coast, Australia, 2009, pp. 158-163.
  15. T. Palumbo, "The power of PowerShell: examples of how PowerShell scripts can supplement a patch management system to solve unusual problems," in Proceedings of the 2017 ACM Annual Conference on SIGUCCS, Seattle, WA, 2017, pp. 7-14.
  16. J. Zheng, H. Okamura, and T. Dohi, "Security evaluation of a VM-based intrusion-tolerant system with pulltype patch management," in Proceedings of 2019 IEEE 19th International Symposium on High Assurance Systems Engineering (HASE), Hangzhou, China, 2019, pp. 156-163.
  17. T. S. Sohn, J. W. Kim, I. G. Park, J. S. Moon, J. T. Seo, E. K. Im, and C. W. Lee, "The design of a secure patch distribution architecture," in Proceedings of the Korean Information Science Society Conference, 2002, pp. 559-561.
  18. J. T. Seo, J. B. Yun, D. S. Choi, E. K. Park, J. W. Seo, T. S. Sohn, and J. S. Moon, "Patch management system with multiplatform support," in Proceedings of the Korean Information Science Society Conference, 2003, pp. 889-891.
  19. C. W. Chang, D. R. Tsai, and J. M. Tsai, "A cross-site patch management model and architecture design for large scale heterogeneous environment," in Proceedings of the 39th Annual 2005 International Carnahan Conference on Security Technology, Las Palmas, Spain, 2005, pp. 41-46.
  20. S. W. Lee, Y. J. Kim, T. S. Sohn, J. S. Moon, J. T. Seo, E. Y. Lee, and D. H. Lee, "Design the normalized secure patch distribution & management system," in Proceedings of the Korean Information Science Society Conference, 2004, pp. 502-504.
  21. Y. J. Kim, S. W. Lee, T. S. Sohn, J. S. Moon, J. T. Seo, E. Y. Lee, and E. K. Park, "Design the security patch central management system using XML," in Proceedings of the Korean Information Science Society Conference, 2004, pp. 505-507.
  22. I. T. Jung, T. H. Han, and H. S. Jo, "PC information extraction method applicable to MacOS-based patch management system," in Proceedings of the Korean Information Science Society Conference, 2017, pp. 1536-1538.
  23. A. M. Antonopoulos, Mastering Bitcoin: Unlocking Digital Cryptocurrencies. Sebastopol, CA: O'Reilly Media Inc., 2014.
  24. D. Larimer, "Delegated Proof-of-Stake (DPoS)," 2014; https://bitcointalk.org/index.php?topic=558316.0.
  25. G. T. Nguyen and K. Kim, "A survey about consensus algorithms used in Blockchain," Journal of Information Processing Systems, vol. 14, no.1, pp. 101-128, 2018. https://doi.org/10.3745/JIPS.01.0024