Title :
Software Security
Author :
Wing, Jeannette M.
Author_Institution :
Carnegie Mellon Univ., Pittsburgh
Abstract :
Security vulnerabilities are increasingly due to software. While we focus much of our attention today on code-level vulnerabilities, such as buffer overflows, we should be paying more attention to design-level vulnerabilities. Independently designed and implemented components may individually behave properly, but when put together, unanticipated interactions may occur. An unanticipated interaction between two software components is an opportunity for an attacker to exploit.
Keywords :
process algebra; security of data; software metrics; algebra; buffer overflows; security metrics; security policy composition; security vulnerabilities; software security; Algebra; Application software; Buffer overflow; Computer science; Computer security; Petri nets; Protection; Software measurement; Software systems; Writing;
Conference_Titel :
Theoretical Aspects of Software Engineering, 2007. TASE '07. First Joint IEEE/IFIP Symposium on
Conference_Location :
Shanghai
Print_ISBN :
978-0-7695-2856-4
DOI :
10.1109/TASE.2007.45
