liu.seSök publikationer i DiVA
Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Design of a Process for Software Security
Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
2007 (Engelska)Ingår i: Second International Conference on Availability, Reliability and Security, 2007, IEEE Computer Society, 2007, s. 301-309Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Security is often an afterthought when developing software, and is often bolted on late in development or even during deployment or maintenance, through activities such as penetration testing, add-on security software and penetrate-and-patch maintenance. We believe that security needs to be built in to the software from the beginning, and that security activities need to take place throughout the software lifecycle. Accomplishing this effectively and efficiently requires structured approach combining a detailed understanding on what causes vulnerabilities, and how to prevent them. In this paper we present a process for software security that is based on vulnerability cause graphs, a formalism we have developed for modeling the causes of software vulnerabilities. The purpose of the software security process is to evolve the software development process so that vulnerabilities are prevented. The process we present differs from most current approaches to software security in its high degree of adaptability and in its ability to evolve in step with changing threats and risks. This paper focuses on how to apply the process and the criteria that have influenced the process design

Ort, förlag, år, upplaga, sidor
IEEE Computer Society, 2007. s. 301-309
Nyckelord [en]
Software security, software process improvement
Nationell ämneskategori
Datavetenskap (datalogi)
Identifikatorer
URN: urn:nbn:se:liu:diva-37683DOI: 10.1109/ARES.2007.67ISI: 000246485700037Lokalt ID: 37345ISBN: 978-0-7695-2775-8 (tryckt)ISBN: 0-7695-2775-2 (tryckt)OAI: oai:DiVA.org:liu-37683DiVA, id: diva2:258532
Konferens
Second International Conference on Availability, Reliability and Security (ARES 2007), 10-13 April 2007, Vienna, Austria
Tillgänglig från: 2009-10-10 Skapad: 2009-10-10 Senast uppdaterad: 2018-01-13

Open Access i DiVA

Fulltext saknas i DiVA

Övriga länkar

Förlagets fulltext

Personposter BETA

Byers, DavidShahmehri, Nahid

Sök vidare i DiVA

Av författaren/redaktören
Byers, DavidShahmehri, Nahid
Av organisationen
Tekniska högskolanDatabas och informationsteknik
Datavetenskap (datalogi)

Sök vidare utanför DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetricpoäng

doi
isbn
urn-nbn
Totalt: 177 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf