Software Security: The Dangerous Afterthought

2012 Ninth International Conference on Information Technology - New Generations Pub Date : 2012-04-16 DOI:10.1109/ITNG.2012.60

C. Steward, Luay A. Wahsheh, Aftab Ahmad, J. Graham, Cheryl V. Hinds, Aurelia T. Williams, S. J. DeLoatch

{"title":"Software Security: The Dangerous Afterthought","authors":"C. Steward, Luay A. Wahsheh, Aftab Ahmad, J. Graham, Cheryl V. Hinds, Aurelia T. Williams, S. J. DeLoatch","doi":"10.1109/ITNG.2012.60","DOIUrl":null,"url":null,"abstract":"As users of many different types of software, one of the last things we think about when deciding which is best for the task at hand is the security of the software. This of course depends on the type of software as well. If it is banking or tax software then, security is of concern. However, in most cases the thought rarely crosses the average users mind. That is until something happens to the system or information the system may hold. This way of thinking is very similar to the way some software is created. The software's features, usability, and interface are normally at the forefront. On the other hand the software's security is just an afterthought for many developers. While software is developed in a very intricate process, it does not currently stress security. In this paper, we will describe different approaches that have been recently researched to help create more secure software. Although these approaches will be introduced separately, using a combination of two or all three together would be the most secure combination.","PeriodicalId":117236,"journal":{"name":"2012 Ninth International Conference on Information Technology - New Generations","volume":"137 2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-04-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 Ninth International Conference on Information Technology - New Generations","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ITNG.2012.60","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

As users of many different types of software, one of the last things we think about when deciding which is best for the task at hand is the security of the software. This of course depends on the type of software as well. If it is banking or tax software then, security is of concern. However, in most cases the thought rarely crosses the average users mind. That is until something happens to the system or information the system may hold. This way of thinking is very similar to the way some software is created. The software's features, usability, and interface are normally at the forefront. On the other hand the software's security is just an afterthought for many developers. While software is developed in a very intricate process, it does not currently stress security. In this paper, we will describe different approaches that have been recently researched to help create more secure software. Although these approaches will be introduced separately, using a combination of two or all three together would be the most secure combination.

查看原文本刊更多论文

软件安全:危险的事后考虑

作为许多不同类型软件的用户，在决定哪种软件最适合手头的任务时，我们考虑的最后一件事是软件的安全性。当然，这也取决于软件的类型。如果是银行或税务软件，那么安全性是值得关注的。然而，在大多数情况下，普通用户很少想到这一点。直到系统或系统可能保存的信息发生变化。这种思维方式与某些软件的创建方式非常相似。软件的特性、可用性和界面通常是最重要的。另一方面，对于许多开发人员来说，软件的安全性只是事后的考虑。虽然软件开发是一个非常复杂的过程，但它目前并不强调安全性。在本文中，我们将描述最近研究的不同方法，以帮助创建更安全的软件。虽然这些方法将分别介绍，但将两种或所有三种方法结合使用将是最安全的组合。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2012 Ninth International Conference on Information Technology - New Generations

自引率

0.00%

发文量