• DocumentCode
    3053904
  • Title

    Is information security an oxymoron?

  • Author

    Knight, John C.

  • Author_Institution
    Dept. of Comput. Sci., Virginia Univ., Charlottesville, VA, USA
  • fYear
    1997
  • fDate
    16-19 Jun 1997
  • Firstpage
    120
  • Lastpage
    121
  • Abstract
    Although weaknesses have been demonstrated in some security techniques (encryption, protocols, mobile code such as Java, etc.), current security technology is quite strong in many areas. Despite this, information security has proved difficult to achieve in large modern software systems. Many problems have been reported in which supposedly secure systems have been penetrated and in some cases significant damage done. In practice, it appears that many (perhaps even the majority) of serious security failures are attributable to software engineering defects in the systems experiencing the failure. The author discusses the use of wrappers which can deal with deficiencies in security and considers the software architectural approach
  • Keywords
    security of data; software engineering; software reliability; Java; encryption; information security; large modern software systems; mobile code; protocols; security failures; software architecture; software engineering defects; wrappers; Availability; Buffer storage; Computer science; Cryptography; Degradation; Information security; Java; Protocols; Software engineering; Software systems;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Assurance, 1997. COMPASS '97. Are We Making Progress Towards Computer Assurance? Proceedings of the 12th Annual Conference on
  • Conference_Location
    Gaithersburg, MD
  • Print_ISBN
    0-7803-3979-7
  • Type

    conf

  • DOI
    10.1109/CMPASS.1997.613273
  • Filename
    613273
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3053904