DocumentCode :
3100919
Title :
A Survey of Vendor Software Assurance Practices
Author :
Epstein, Jeremy
Author_Institution :
SRI Int., Arlington, VA, USA
fYear :
2009
fDate :
7-11 Dec. 2009
Firstpage :
528
Lastpage :
537
Abstract :
Books and articles frequently exhort developers to build secure software by designing security in. A few large companies (most notably Microsoft) have completely reengineered their development process to include a focus on security. However, for all except the largest vendors, software security (or software assurance) is a relatively recent phenomenon, and one with an uncertain payoff. In this paper, we examine what real vendors do to ensure that their products are reasonably secure. Our conclusion is that software vendors put significant energy into software security, but there is significant variation in where they invest their money.
Keywords :
DP industry; security of data; Microsoft; secure software; software security; software vendors; vendor software assurance practices; Application software; Best practices; Books; Computer industry; Computer security; Galvanizing; Performance analysis; Software design; Software performance; Software testing; Software Assurance; commercial development practices; software security;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computer Security Applications Conference, 2009. ACSAC '09. Annual
Conference_Location :
Honolulu, HI
ISSN :
1063-9527
Print_ISBN :
978-0-7695-3919-5
Type :
conf
DOI :
10.1109/ACSAC.2009.56
Filename :
5380705
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3100919
بازگشت