Title :
Is information security an oxymoron?
Author_Institution :
Dept. of Comput. Sci., Virginia Univ., Charlottesville, VA, USA
Abstract :
Although weaknesses have been demonstrated in some security techniques (encryption, protocols, mobile code such as Java, etc.), current security technology is quite strong in many areas. Despite this, information security has proved difficult to achieve in large modern software systems. Many problems have been reported in which supposedly secure systems have been penetrated and in some cases significant damage done. In practice, it appears that many (perhaps even the majority) of serious security failures are attributable to software engineering defects in the systems experiencing the failure. The author discusses the use of wrappers which can deal with deficiencies in security and considers the software architectural approach
Keywords :
security of data; software engineering; software reliability; Java; encryption; information security; large modern software systems; mobile code; protocols; security failures; software architecture; software engineering defects; wrappers; Availability; Buffer storage; Computer science; Cryptography; Degradation; Information security; Java; Protocols; Software engineering; Software systems;
Conference_Titel :
Computer Assurance, 1997. COMPASS '97. Are We Making Progress Towards Computer Assurance? Proceedings of the 12th Annual Conference on
Conference_Location :
Gaithersburg, MD
Print_ISBN :
0-7803-3979-7
DOI :
10.1109/CMPASS.1997.613273
