  • DocumentCode
    3405328
  • Title
    A Contextual Guidance Approach to Software Security
  • Author
    Schugerl, Philipp ; Walsh, David ; Rilling, Juergen ; Charland, Philippe
  • Author_Institution
    Dept. of Comput. Sci. & Software Eng., Concordia Univ., Montreal, QC, Canada
  • Volume
    2
  • fYear
    2009
  • fDate
    20-24 July 2009
  • Firstpage
    194
  • Lastpage
    199
  • Abstract
    With the ongoing trend towards the globalization of software systems and their development, components in these systems might not only work together, but may end up evolving independently from each other. Modern IDEs have started to incorporate support for these highly distributed environments, by adding new collaborative features. As a result, assessing and controlling system quality (e.g. security concerns) during system evolution in these highly distributed systems become a major challenge. In this research, we introduce a unified ontological representation that integrates best security practices in a context-aware tool implementation. As part of our approach, we integrate information from traditional static source code analysis with semantic rich structural information in a unified ontological representation. We illustrate through several use cases how our approach can support the evolvability of software systems from a security quality perspective.
  • Keywords
    groupware; ontologies (artificial intelligence); program diagnostics; security of data; software maintenance; software quality; software reusability; ubiquitous computing; collaborative feature; contextual guidance approach to; distributed environment; reusable security; semantic rich structural information; software quality; software security; software system globalization; static source code analysis; system evolution; unified ontological representation; Application software; Collaborative work; Computer applications; Control systems; Globalization; Information security; Ontologies; Programming; Protection; Software systems; Context-aware; security concerns;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Computer Software and Applications Conference, 2009. COMPSAC '09. 33rd Annual IEEE International
  • Conference_Location
    Seattle, WA
  • ISSN
    0730-3157
  • Print_ISBN
    978-0-7695-3726-9
  • Type
    conf
  • DOI
    10.1109/COMPSAC.2009.133
  • Filename
    5254128