Abstract
In the corporate environment, we use a variety of software. To increase security, patch management systems are used to manage software patches. This study analyzes existing patch management systems to identify security threats. Furthermore, we utilized blockchain to manage patches safely and efficiently. Using this research, vendors operating patch management systems can connect to the blockchain network to share the verified patch information. It also stores the public key information required to verify the integrity of the patch and the information generated during patch management in the block. This effectively monitors the patch management process. It also reduces patch management costs and improves security.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Lee CW, Im EG, Seol JT, Sohn TS, Moon JS, Kim DK (2003) A secure patch distribution architecture. In: Intelligent Systems Design and Applications, pp 229–238
Cavusoglu H, Cavusoglu H, Zhang J (2006) Economics of security patch management. In: The Fifth Workshop on the Economics of Information Security (WEIS 2006)
Suryani V, Sulistyo S, Widyawan W (2017) Internet of Things (IoT) framework for granting trust among objects. J Inf Process Syst 13:1613–1627
Eyal I, Gencer AE, Sirer EG, Van Renesse R (2016) Bitcoin-ng: a scalable blockchain protocol. In: 13th {USENIX} Symposium on Networked Systems Design and Implementation ({NSDI} 16), pp 45–59
Porru S, Pinna A, Marchesi M, Tonelli R (2017) Blockchain-oriented software engineering: challenges and new directions. In: 2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C), pp 169–171
Kim HW, Jeong YS (2018) Secure authentication-management human-centric scheme for trusting personal resource information on mobile cloud computing with blockchain. Hum Centric Comput Inf Sci 8:11
Korea Internet & Security Agency (2013) Status of infringement accidents through major internet accident experiences in South Korea
Bartoletti T, Dobbs LA, Kelley M (1997) Secure software distribution system. In: Proceedings of the 20th NIST-NCSC National Information Systems Security Conference, pp 191–201
Kim JH, Won YJ (2017) Patch integrity verification method using dual electronic signatures. J Inf Process Syst 13:1516–1526
JongHyup L (2018) Patch transporter: incentivized, decentralized software patch system for WSN and IoT environments. Sensors 18(2):574
Iansiti M, Lakhani KR (2017) The truth about blockchain. Harv Bus Rev 95:118–127
Mougayar W (2016) The business blockchain: promise, practice, and application of the next Internet technology. Wiley, New York
Huh JH, Seo K (2018) Blockchain-based mobile fingerprint verification and automatic log-in platform for future computing. J Supercomput 2018:1–17
Guo Y, Liang C (2016) Blockchain application and outlook in the banking industry. Financ Innov 2:24
Khan MA, Salah K (2018) IoT security: review, blockchain solutions, and open challenges. Futur Gener Comput Syst 82:395–411
Bozic N, Pujolle G, Secci S (2016) A tutorial on blockchain and applications to secure network control-planes. In: 2016 3rd Smart Cloud Network and Systems. https://doi.org/10.1109/scns.2016.7870552
Sharma PK, Moon SY, Park JH (2017) Block-VN: a distributed blockchain based vehicular network architecture in smart city. J Inf Process Syst 13:184–195
Nakamoto S (2009) Bitcoin: a peer-to-peer electronic cash system [Online]. Available: http://www.bitcoin.org/bitcoin.pdf
Lin IC, Liao TC (2017) A survey of blockchain security issues and challenges. Int J Netw Secur 19:653–659
Shon T, Moon J, Lee C, Im EG, Seo JT (2003) Safe patch distribution architecture. In: Intranet Environments, Security and Management, pp 455–460
Small RA, Brykczynski B (2003) Reducing internet-based intrusions: effective security patch management. IEEE Softw 20:50–57
Acknowledgements
This research was supported by the MSIT (Ministry of Science and ICT), Korea, under the ITRC (Information Technology Research Center) support program (IITP-2019-2016-0-00304) supervised by the IITP (Institute for Information & communications Technology Promotion).
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Kim, Y., Won, Y. A new cost-saving and efficient method for patch management using blockchain. J Supercomput 76, 5301–5319 (2020). https://doi.org/10.1007/s11227-019-02946-y
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-019-02946-y