Title :
Assessing the Threat Landscape for Software Libraries
Author :
Kannavara, Raghudeep
Author_Institution :
Intel Corp., Hillsboro, OH, USA
Abstract :
Libraries are a collection of implementations of behavior written in a computer programming language providing a well-defined interface by which the behavior can be invoked. Although a majority of the code in numerous applications comes from libraries, the risk of security vulnerabilities that comes with these libraries is often overlooked. In this regard, we seek to assess the threat landscape associated with software libraries and discuss mitigation strategies via Security Development Lifecycle (SDL).
Keywords :
programming languages; security of data; software libraries; SDL; computer programming language; mitigation strategy; security development lifecycle; security vulnerability; software library; threat landscape; Joining processes; Licenses; Operating systems; Security; Software libraries; Security Development Lifecycle; Software Libraries; Software Security; Threat Model; Vulnerability Assessment;
Conference_Titel :
Software Reliability Engineering Workshops (ISSREW), 2014 IEEE International Symposium on
Conference_Location :
Naples
DOI :
10.1109/ISSREW.2014.58
