Software security

Author

McGraw, Gary

Volume

2

Issue

2

fYear

2004

Firstpage

80

Lastpage

83

Abstract

Software security is the idea of engineering software so that it continues to function correctly under malicious attack. Most technologists acknowledge this undertaking´s importance, but they need some help in understanding how to tackle it. The article aims to provide that help by exploring software security best practices. A central and critical aspect of the computer security problem is a software problem. Software defects with security ramifications, including implementation bugs such as buffer overflows and design flaws such as inconsistent error handling, promise to be with us for years. All too often, malicious intruders can hack into systems by exploiting software defects. Internet-enabled software applications present the most common security risk encountered today, with software´s ever-expanding complexity and extensibility adding further fuel to the fire. By any measure, security holes in software are common, and the problem is growing.

Keywords

Internet; computer crime; risk management; software quality; software reliability; Internet-enabled software applications; best practices; buffer overflows; computer security problem; design flaws; implementation bugs; inconsistent error handling; malicious attack; malicious intruders; security holes; security ramifications; security risk; software defects; software security; Application software; Best practices; Buffer overflow; Computer bugs; Computer errors; Computer hacking; Computer security; Fuels; Internet; Software systems;

fLanguage

English

Journal_Title

Security & Privacy, IEEE

Publisher

ieee

ISSN

1540-7993

Type

jour

DOI

10.1109/MSECP.2004.1281254

Filename

1281254