Abstract
Software security is more difficult to achieve than it would appear at first sight. There are two facets to this:
1. firstly, there are the checks and procedures that can be implemented and enforced by software;
2. secondly, there is the testing and analysis of the programs to ensure that the checks are implemented correctly and completely. Further, one has to check that there are no other covert features anywhere in the programs within the computer system that would nullify any of the specified system defences.
© 2001 Springer-Verlag London
About this chapter
Cite this chapter
Hunter, J.M.D. (2001). Software Security. In: An Information Security Handbook. Computer Communications and Networks. Springer, London. https://doi.org/10.1007/978-1-4471-0261-8_10
DOI: https://doi.org/10.1007/978-1-4471-0261-8_10
Publisher Name: Springer, London
Print ISBN: 978-1-85233-180-1
Online ISBN: 978-1-4471-0261-8
eBook Packages: Springer Book Archive