Secure coding in software development

Authors: Nor Harisah Zainuddin Zenah, Normaziah Abd Aziz

DOI: 10.1109/MYSEC.2011.6140716

Keywords: Secure coding, Secure by design, Software peer review, World Wide Web, Software construction, Social software engineering, Software development, Software system, Computer science, Vulnerability management, Computer security

Abstract: The demand of secure computing systems and its platform is crucial in today's networked world. As the number illegitimate users applications increased, vulnerabilities can be a threat to individuals organizations. This paper highlights software approaches address them. In addition such awareness that has been going on for past decade, this research proposed tool increase engineer's skills knowledge towards building system. will discussed about present these form exercises, questions, queries, solution including some examples every vulnerability order give more clearer understanding users.
