{"updated":"2025-01-19T15:20:28.898090+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00217897","sets":["1164:4088:10830:10908"]},"path":["10908"],"owner":"44499","recid":"217897","title":["KEKにおける脆弱性自己点検PDCAサイクル高速化"],"pubdate":{"attribute_name":"公開日","attribute_value":"2022-05-12"},"_buckets":{"deposit":"bfa1d7b0-e8a9-415b-be7d-e577b8399511"},"_deposit":{"id":"217897","pid":{"type":"depid","value":"217897","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"KEKにおける脆弱性自己点検PDCAサイクル高速化","author_link":["565428","565426","565427"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"KEKにおける脆弱性自己点検PDCAサイクル高速化"},{"subitem_title":"Improving PDCA cycle on vulnerability self-inspection at KEK","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"IOT/CSEC","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2022-05-12","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"高エネルギー加速器研究機構計算科学センター/総合研究大学院大学高エネルギー加速器科学研究科"},{"subitem_text_value":"高エネルギー加速器研究機構計算科学センター/総合研究大学院大学高エネルギー加速器科学研究科"},{"subitem_text_value":"高エネルギー加速器研究機構計算科学センター/総合研究大学院大学高エネルギー加速器科学研究科"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"High Energy Accelerator Research Organization / School of High Energy Accelerator Science, The Graduate University for Advanced Studies (SOKENDAI)","subitem_text_language":"en"},{"subitem_text_value":"High Energy Accelerator Research Organization / School of High Energy Accelerator Science, The Graduate University for Advanced Studies (SOKENDAI)","subitem_text_language":"en"},{"subitem_text_value":"High Energy Accelerator Research Organization / School of High Energy Accelerator Science, The Graduate University for Advanced Studies 
(SOKENDAI)","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/217897/files/IPSJ-IOT22057015.pdf","label":"IPSJ-IOT22057015.pdf"},"date":[{"dateType":"Available","dateValue":"2024-05-12"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-IOT22057015.pdf","filesize":[{"value":"1.6 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"43"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"80d9e0f8-cf5c-40cf-9848-db667888aa8e","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2022 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"與那嶺, 亮"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"鈴木, 聡"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"一井, 信吾"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12326962","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, 
etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8787","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"KEK ではこれまで 10 年以上にわたり,外部公開サーバの各機器管理者がアプライアンスを使用して脆弱性診断・自己点検を行える環境を整備してきた.自己点検を導入した当初はアプライアンスが高速スキャンをすれば DoS になり,低速であると時間がかかるため非同期バッチ処理のような操作が必要であること,また脆弱性の説明文が分かりにくいなどの理由でそのままでは受け入れられづらい面があったためアプライアンスを直接操作させることは避け,独自の UI サーバを仲介して運用していた.10 年の間にアプライアンスの説明文も改善され,サイバーセキュリティに対する構成員への啓蒙も遙かにすすみ,説明文を直接管理者が読んでもほぼ問題が無い状態となったことから,2021年度からは各管理者がアプライアンスの直接操作を行う方式に切り替えた.これによりユーザが発見した脆弱性への対応が十分であったかのイテレーション操作が簡便になり,従来よりも短い期間での自己点検が完了できるようになった.本稿はこのワークフローの移行によって得られた知見についてまとめたものである.","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"For more than a decade, KEK has been developing an environment in which administrators who run public servers can perform vulnerability scans and self-inspections using an appliance. We had introduced our own UI server because, firstly, asynchronous batch processing was required at that time to avoid a DoS caused by a high-speed scan by the appliance, and secondly, the vulnerability descriptions were difficult to understand and hard to accept as they were. During the past 10 years, such descriptions have been improved, and awareness of cyber security among the administrators has also increased. Now it seems the administrators can readily understand the descriptions directly provided by appliances, and in fact from FY2021 we have decided to use the UI of the appliance itself instead of our own UI server. 
This made it easier for administrators to confirm whether discovered vulnerabilities had been adequately addressed, and thus shortened the time needed for self-inspections compared with the past. This paper summarizes the findings of this migration.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"6","bibliographic_titles":[{"bibliographic_title":"研究報告インターネットと運用技術(IOT)"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2022-05-12","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"15","bibliographicVolumeNumber":"2022-IOT-57"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"created":"2025-01-19T01:18:19.396974+00:00","id":217897,"links":{}}