Software Security

  • John M. D. Hunter
Part of the Computer Communications and Networks book series (CCN)

Abstract

Software security is more difficult to achieve than it would appear at first sight. There are two facets to this:
  1. 1

    firstly, there are the checks and procedures that can be implemented and enforced by software;

     
  2. 2

    secondly, there is the testing and analysis of the programs to ensure that the checks are implemented correctly and completely. Further, one has to check that there are no other covert features anywhere in the programs within the computer system that would nullify any of the specified system defences.

     

Keywords

Assured Defend 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    The Orange Book is the colloquial name for the “Department of Defence Computer System Evaluation Criteria”, Security Center, Fort George G. Meade, Maryland (DoD 5200.28-STD) Dec 1985 — The nickname arises from the book's orange colour.Google Scholar
  2. 2.
    A Decentralized Model for Information Flow Control, Myers A.C. and Liskov B., Proceedings of the ACM SOSP 16, October 1997: http://www.pmg.lcs.mit.edu/

Copyright information

© Springer-Verlag London 2001

Authors and Affiliations

  • John M. D. Hunter
    • 1
  1. 1.CISM GroupCranfield University, RMCSShrivenham, SwindonUK

Personalised recommendations