Mati Ullah Khan, Mansoor Munib, U. Manzoor, S. Nefti
{"title":"在架构级别分析风险","authors":"Mati Ullah Khan, Mansoor Munib, U. Manzoor, S. Nefti","doi":"10.1109/I-SOCIETY18435.2011.5978442","DOIUrl":null,"url":null,"abstract":"Conventional risk analysis techniques do not necessarily cover all security aspects in software. Defects in a software design cannot be identified by simply looking for flaws in the code. Therefore, carrying out risk analysis at architecture level is important. In this paper, we have performed architectural risk analysis of Chromium (which is an open source web browser project) and a custom developed small sized web service. The method followed to carry out the analysis is a best practice approach described by Gary McGraw in his book Software Security: Building Security In.","PeriodicalId":158246,"journal":{"name":"International Conference on Information Society (i-Society 2011)","volume":"173 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Analyzing risks at architectural level\",\"authors\":\"Mati Ullah Khan, Mansoor Munib, U. Manzoor, S. Nefti\",\"doi\":\"10.1109/I-SOCIETY18435.2011.5978442\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Conventional risk analysis techniques do not necessarily cover all security aspects in software. Defects in a software design cannot be identified by simply looking for flaws in the code. Therefore, carrying out risk analysis at architecture level is important. In this paper, we have performed architectural risk analysis of Chromium (which is an open source web browser project) and a custom developed small sized web service. The method followed to carry out the analysis is a best practice approach described by Gary McGraw in his book Software Security: Building Security In.\",\"PeriodicalId\":158246,\"journal\":{\"name\":\"International Conference on Information Society (i-Society 2011)\",\"volume\":\"173 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-06-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Conference on Information Society (i-Society 2011)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/I-SOCIETY18435.2011.5978442\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Information Society (i-Society 2011)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/I-SOCIETY18435.2011.5978442","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Conventional risk analysis techniques do not necessarily cover all security aspects in software. Defects in a software design cannot be identified by simply looking for flaws in the code. Therefore, carrying out risk analysis at architecture level is important. In this paper, we have performed architectural risk analysis of Chromium (which is an open source web browser project) and a custom developed small sized web service. The method followed to carry out the analysis is a best practice approach described by Gary McGraw in his book Software Security: Building Security In.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
