A SOA-based Impact Analysis for Vulnerability Management in E-Government

This paper suggests a SOA-based system impact management for information assurance vulnerability in E-Government. Once an information assurance vulnerability notice is given for a system, it is important for reducing massive system engineering efforts for system impact management. When multiple systems are updated by security patches for mitigating system vulnerability, system impact management based on system resource is trivial, in order to increase accuracy, efficiency and effectiveness of software processes. By employing XML technology, we can achieve seamless and efficient system impact management between heterogeneous system format as well as data formats in analysing and exchanging the pertinent information for information assurance vulnerability. Thus, when a system is updated to improve system vulnerability, the proposed SOA-based system impact management mechanism refers to the system resource information and produces the SOA DOM Tree reduced from the result of bipartite graph modelling. It provides baseline information for analysing the security model and posture of affected sustained system and minimizing the propagated negative impact. Then, an executable architecture for implementation to verify the proposed scheme and testing environment is presented to mitigate vulnerable systems for E-Government