Assessment System Based On Oval Loopholes

With the rapid development of computer network technology, network security has becomed the focus of the current network technology. Vulnerabilitiy assessment technology can detect potential security vulnerabilities and assess the security situation of network .It is one of the most important network security technology.Now there are many vunerability scanners and network security assessment tools, but they could not satisfy the demand of network security. However, there is not one standardized method and product or the service which conforms to the standard. The product and the service cannot accurately dectect the existence vulnerability, patch mistake and configuration mistake of the system.And each kind of network security product and the service can not be well compatible and operate mutually. This causes the network security assessment to be still stern.In light of the status this paper has studied the vunerability assessment system based on the international open vulnerability and assessment language. The purpose is to study the standardized description method of the vulnerability and to realize the standardization of the vulnerability description and the process of the vulnerability detection and assessment and to assess the overall security situation of the network. The vunerability assessment system based on OVAL will be good to solve the problem of the compatibility. The vulnerability assessment system uses a control center with a multi-agent system architecture.The paper has studied the present situation and the development of the current vulnerability detection and assessment technology. Current popular vulnerability dectection products have been analyzed. The vulnerability detection technology develop ahead standardization .The paper has studied the reasons that the cause vulnerabilities, the harm of the vulnerability, the vulnerability detection principle as well as the development.of the vulnerability detection technology.The paper has studied the OVAL standard, the definition of the elements of the OVAL and the definition of the vulnerability with OVAL.To the single vulnerability security rank, this article uses the CVSS to assess it in the system.This article do the comprehensive research to the CVSS. CVSS assesses the vulnerability security rank from the basic factor, the life cycle factor and the environment factor. And this was elaborated with the example. Taking the oval vulnerability definition and the CVSS grading standard as foundations, the paper has studied network security situation assessment method based on the security case to assess the overall security situation of the network and the system.Finaly the paper has combined the traditional technology of the vulnerability detection and the newest OVAL and analyzed and designed the vulnerability assessment system based on OVAL.The paper has analyzed the goal of the system design, the management process of the system, the system architecture, and the basic functional modules. Finally the paper implemented and tested the main modules of the vulnerability assessment system based on the OVAL.