Visible to the public SCAP benchmark for Cisco router security configuration compliance

TitleSCAP benchmark for Cisco router security configuration compliance
Publication TypeConference Paper
Year of PublicationSubmitted
AuthorsHlyne, C. N. N., Zavarsky, P., Butakov, S.
Conference Name2015 10th International Conference for Internet Technology and Secured Transactions (ICITST)
KeywordsAutomation, Benchmark testing, business data processing, Cisco router security configuration compliance, formal specification, information security management, NIST, Operating systems, OVAL, policy compliance evaluation, SCAP benchmark, security, security automation, security compliance, security content automation protocol, security of data, vulnerability measurement, XCCDF
AbstractInformation security management is time-consuming and error-prone. Apart from day-to-day operations, organizations need to comply with industrial regulations or government directives. Thus, organizations are looking for security tools to automate security management tasks and daily operations. Security Content Automation Protocol (SCAP) is a suite of specifications that help to automate security management tasks such as vulnerability measurement and policy compliance evaluation. SCAP benchmark provides detailed guidance on setting the security configuration of network devices, operating systems, and applications. Organizations can use SCAP benchmark to perform automated configuration compliance assessment on network devices, operating systems, and applications. This paper discusses SCAP benchmark components and the development of a SCAP benchmark for automating Cisco router security configuration compliance.
DOI10.1109/ICITST.2015.7412104
Citation Keyhlyne_scap_2015