Advertisement

Software Security Analysis: an Example Case Study

  • Brad Arkin
Part of the Advances in Information Security book series (ADIS, volume 2)

Abstract

This chapter presents an example outlining the process and results of a software security risk analysis. Unlike other types of security risk analyses, a software security analysis focuses on the design and implementation of the online application rather than the network and physical environment in which the application is deployed. An example is used to illustrate the benefits of a software security risk analysis and demonstrate how software security extends and complements conventional security and business risk analyses.

Keywords

Mitigation Strategy Security Risk Engineering Task Software Security Online Poker 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [Arkin, et al., 1999]
    Arkin, B., Hill, F., Marks, S., McGraw, G., Schmid M., and Walls, T. “How We Learned to Cheat at Online Poker: A Study in Software Security.” Developer.com: Tech Focus, (September 28, 1999).Google Scholar
  2. [Craft, et al., 1998]
    Craft, R., Wyss, G., Vandewart, R., and Funkhouser, D. “An Open Framework for Risk Management.” Proc. 21rst NISSC (1998).Google Scholar
  3. [Goldberg and Wagner, 1996]
    Goldberg, I. and Wagner, D. “Randomness and the Netscape Browser.” Dr. Dobbs Journal, (January, 1996.)Google Scholar
  4. [Meritt, 1999]
    Meritt, J. “A Method for Quantitative Risk Analysis.” Proc. 22nd NISSC (1999).Google Scholar
  5. [Meritt, 1998]
    Meritt, J. “Risk Management.” Proc. 21rst NISSC (1998).Google Scholar
  6. [Schneier, 1996]
    Schneier, B. Applied Cryptography (Second Edition). John Wiley and Sons, 1996.Google Scholar

Copyright information

© Springer Science+Business Media New York 2001

Authors and Affiliations

  • Brad Arkin
    • 1
  1. 1.Cigital Inc.Dulles

Personalised recommendations