组件安全-问题和方法

29th Annual International Computer Software and Applications Conference (COMPSAC'05) Pub Date : 2005-07-26 DOI:10.1109/COMPSAC.2005.58

N. Nissanke

{"title":"组件安全-问题和方法","authors":"N. Nissanke","doi":"10.1109/COMPSAC.2005.58","DOIUrl":null,"url":null,"abstract":"Security vulnerabilities posed by third-party software components in component based development (CBD) is a serious impediment to its adoption in areas that offer great economic potential, particularly in areas such as embedded software and large-scale enterprise software. They raise questions about reliability and integrity of components, as well as the risks posed by any malicious code. This paper is a discussion of factors that affect component security and ways of assuring component security. Using a simplified model of sendmail, it also outlines a formal framework that fits in with communicating sequential processes (CSP) for modelling and analysis of component security.","PeriodicalId":419267,"journal":{"name":"29th Annual International Computer Software and Applications Conference (COMPSAC'05)","volume":"40 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Component security - issues and an approach\",\"authors\":\"N. Nissanke\",\"doi\":\"10.1109/COMPSAC.2005.58\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Security vulnerabilities posed by third-party software components in component based development (CBD) is a serious impediment to its adoption in areas that offer great economic potential, particularly in areas such as embedded software and large-scale enterprise software. They raise questions about reliability and integrity of components, as well as the risks posed by any malicious code. This paper is a discussion of factors that affect component security and ways of assuring component security. Using a simplified model of sendmail, it also outlines a formal framework that fits in with communicating sequential processes (CSP) for modelling and analysis of component security.\",\"PeriodicalId\":419267,\"journal\":{\"name\":\"29th Annual International Computer Software and Applications Conference (COMPSAC'05)\",\"volume\":\"40 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-07-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"29th Annual International Computer Software and Applications Conference (COMPSAC'05)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/COMPSAC.2005.58\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"29th Annual International Computer Software and Applications Conference (COMPSAC'05)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/COMPSAC.2005.58","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

摘要

基于组件的开发(CBD)中第三方软件组件带来的安全漏洞严重阻碍了其在具有巨大经济潜力的领域的采用，特别是在嵌入式软件和大型企业软件等领域。它们对组件的可靠性和完整性以及任何恶意代码带来的风险提出了质疑。本文讨论了影响组件安全的因素和保证组件安全的方法。使用简化的sendmail模型，它还概述了一个正式框架，该框架适合用于组件安全性建模和分析的通信顺序过程(CSP)。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Component security - issues and an approach

Security vulnerabilities posed by third-party software components in component based development (CBD) is a serious impediment to its adoption in areas that offer great economic potential, particularly in areas such as embedded software and large-scale enterprise software. They raise questions about reliability and integrity of components, as well as the risks posed by any malicious code. This paper is a discussion of factors that affect component security and ways of assuring component security. Using a simplified model of sendmail, it also outlines a formal framework that fits in with communicating sequential processes (CSP) for modelling and analysis of component security.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

29th Annual International Computer Software and Applications Conference (COMPSAC'05)

自引率

0.00%

发文量