Return to search

Identifying potential vulnerabilities in software designs

Software engineers currently rely on lengthy source code reviews, testing, and static analysis tools to attempt identification of software vulnerabilities. While these are sometimes effective, the methods used are limited and don't catch all security vulnerabilities.Work has been done in identifying areas of software prone to failure through a design metrics approach, and with success. This study aims to extend this idea to software security. The premise of this thesis is that the set of security vulnerabilities overlaps (or may be a subset of) the overall set of software bugs and failures. It is postulated that a good, reliable design should also be a secure design. This thesis identifies design issues which may lead to security vulnerabilities and proposes possible design metric enhancements to capture these design properties. / Department of Computer Science

Identiferoai:union.ndltd.org:BSU/oai:cardinalscholar.bsu.edu:handle/188295
Date January 2007
CreatorsMorris, Joseph C.
ContributorsZage, Wayne M.
Source SetsBall State University
Detected LanguageEnglish
Formatviii, 144 leaves ; 28 cm.
SourceVirtual Press

Page generated in 0.0019 seconds