Software security

2 August 2004

journal article
Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Security & Privacy

Vol. 2 (2), 80-83
https://doi.org/10.1109/msecp.2004.1281254

Abstract

Software security is the idea of engineering software so that it continues to function correctly under malicious attack. Most technologists acknowledge this undertaking's importance, but they need some help in understanding how to tackle it. The article aims to provide that help by exploring software security best practices. A central and critical aspect of the computer security problem is a software problem. Software defects with security ramifications, including implementation bugs such as buffer overflows and design flaws such as inconsistent error handling, promise to be with us for years. All too often, malicious intruders can hack into systems by exploiting software defects. Internet-enabled software applications present the most common security risk encountered today, with software's ever-expanding complexity and extensibility adding further fuel to the fire. By any measure, security holes in software are common, and the problem is growing.

Keywords

This publication has 5 references indexed in Scilit:

A call to action look beyond the horizon
IEEE Security & Privacy, 2003
From the ground up: the DIMACS software security workshop
IEEE Security & Privacy, 2003
Inside the Windows security push
IEEE Security & Privacy, 2003
Building secure software: better than protecting bad software
IEEE Software, 2002
Testing for security during development: why we should scrap penetrate-and-patch
IEEE Aerospace and Electronic Systems Magazine, 1998

Cited by 277 articles