• DocumentCode
    1492970
  • Title

    Are Patched Machines Really Fixed?

  • Author

    Gardner, R.W. ; Bishop, Matt ; Kohno, Tadayoshi

  • Author_Institution
    Johns Hopkins Univ., Baltimore, MD, USA
  • Volume
    7
  • Issue
    5
  • fYear
    2009
  • Firstpage
    82
  • Lastpage
    85
  • Abstract
    Updating and patching has become a ubiquitous part of software maintenance, with particular importance to security. It´s especially crucial when the systems in question perform vital functions and security compromises might yield drastic consequences. Unfortunately, updates intended to remediate security problems are sometimes incomplete, are flawed, or introduce new vulnerability themselves. The authors present several examples of such instances in a widely used electronic voting system, a device for which security is critical. A central lesson of the study is that evaluating a system´s security by examining changes between revisions is insufficient; you must evaluate and analyze the system as a whole.
  • Keywords
    security; software maintenance; ubiquitous computing; patched machines; software maintenance; systems security; ubiquitous part; Electronic voting systems; Security; Software maintenance; electronic voting; integrity; patching; security & privacy; updates;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    10.1109/MSP.2009.116
  • Filename
    5280141
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1492970