• DocumentCode
    884865
  • Title

    Considering defense in depth for software applications

  • Author

    Stytz, M.R.

  • Author_Institution
    Air Force Res. Lab., Wright-Patterson AFB, OH, USA
  • Volume
    2
  • Issue
    1
  • fYear
    2004
  • Firstpage
    72
  • Lastpage
    75
  • Abstract
    Despite efforts to develop processes and technologies that enhance software application security, to date, no one has found a "silver-bullet" solution or set of solutions that solve this complex problem - and there don\´t appear to be any on the horizon. As a result, perhaps researchers and developers should consider a defense-in-depth strategy and determine if it provides a more resilient and cost-effective approach to application security than a single line of defense. The best defense-in-depth strategy for software source and binary code would intertwine application defenses in such a manner that each defensive technique interlocks with and supports all the others. Of necessity, this conceptualization for interlocking defense Would not relieve the development team of the need to maintain best practices for secure software development and software development in general.
  • Keywords
    security of data; software engineering; application defenses; application security; best practices; binary code; cyberworld; defense-in-depth strategy; development team; interlocking defense; secure software development; software application security; software applications; software source code; Application software; Biosensors; Computer architecture; Computer security; Data analysis; Performance analysis; Privacy; Protection; Software performance; Visualization;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    10.1109/MSECP.2004.1264860
  • Filename
    1264860
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=884865