Title :
Software Security; A Vulnerability Activity Revisit
Author :
Hadavi, M.A. ; Sangchi, H.M. ; Hamishagi, V.S. ; Shirazi, H.
Abstract :
This paper attempts to introduce a method for developing secure software based on the vulnerabilities which are already known. In the proposed method, the most prevalent vulnerabilities are selected. For each vulnerability its location of appearance within the software development process, as well as methods of mitigation through design-level or implementation- level activities is discussed. Mapping vulnerabilities to design and implementation within software development process not only results to a better understanding of vulnerability emergence, but also allows countermeasures to be applied during initial steps of vulnerability creation, and thus better software security. This mapping shows that choosing a suitable programming language and enforcing the least privileges are the most vital design time decisions. Also, security code review and server side input validation are implementation-level activities assumed to cover most of the vulnerabilities.
Keywords :
safety-critical software; security of data; software development process; software security; vulnerability creation; vulnerability emergence; vulnerability-activity revisit; Application software; Availability; Computer languages; Data security; Network servers; Open source software; Programming; Reliability engineering; Software design; Software engineering; Activity; Vulnerability; design; implementation; security; software;
Conference_Titel :
Availability, Reliability and Security, 2008. ARES 08. Third International Conference on
Conference_Location :
Barcelona
Print_ISBN :
978-0-7695-3102-1
DOI :
10.1109/ARES.2008.200
