Title :
What Might We Mean By "Secure Code" and How Might We Teach What We Mean?
Author :
Irvine, Cynthia E.
Author_Institution :
Naval Postgraduate School Monterey, California
Abstract :
To add precision to the term "secure code," several concepts from the area of high assurance system development are introduced. These allow the cost, in terms of organizational damage, to information asset owners of the lack of various forms of protection to be explored. The notion of system assurance levels is introduced as a solution to the combinatorial explosion of damage classes. Our approach to ensuring that students know how to construct evaluatable components, and as a by-product, "secure code," is discussed.
Keywords :
Asset management; Computer network management; Computer networks; Computer security; Costs; Explosions; Information management; Protection; Rabbits; Rails;
Conference_Titel :
Software Engineering Education and Training Workshops, 2006. CSEETW '06. 19th Conference on
Print_ISBN :
0-7695-2647-0
DOI :
10.1109/CSEETW.2006.24
