Managing software security risks
G McGraw - Computer, 2002 - ieeexplore.ieee.org
Most organizations manage computer security risk reactively by investing in technologies
designed to protect against known system vulnerabilities and monitor intrusions as they …
designed to protect against known system vulnerabilities and monitor intrusions as they …
Neutralizing windows-based malicious mobile code
JA Whittaker, A De Vivanco - Proceedings of the 2002 ACM symposium …, 2002 - dl.acm.org
Mobile code---executable programs that get copied from computer-to-computer via e-mail,
web browsers, etc.---is a popular way to stage malicious attacks against users. The Windows …
web browsers, etc.---is a popular way to stage malicious attacks against users. The Windows …
On bricks and walls: Why building secure software is hard
G McGraw - Computers & Security, 2002 - elibrary.ru
The ultimate answer to the computer security problem lies in making software behave.
Current approaches, based on fixing things only after they have been exploited in fielded …
Current approaches, based on fixing things only after they have been exploited in fielded …
[PDF][PDF] Security in untrusted code environments: Missing pieces of the puzzle
V Razmov - Dept. of Computer Science and Engineering, University …, 2002 - Citeseer
Security enforcement mechanisms for controlling the execution of untrusted component
code have evolved away from the strict sandbox confinement toward more flexible code …
code have evolved away from the strict sandbox confinement toward more flexible code …
[PDF][PDF] MOST: A tamper detection tool for mobile java software
Mobile code provides a highly flexible and beneficial form of computing. However, mobile
code use creates complex security considerations beyond those associated with the …
code use creates complex security considerations beyond those associated with the …
Bandwidth efficient tamper detection for distributed java systems
M Jochen, L Marvel, LL Pollock - Proceedings 16th Annual …, 2002 - ieeexplore.ieee.org
The benefits of distributed computation present complex security considerations beyond
those associated with the traditional computing paradigm. This paper describes a bandwidth …
those associated with the traditional computing paradigm. This paper describes a bandwidth …
AFRL/Cornell Information Assurance Institute
FB Schneider - 2002 - apps.dtic.mil
The AFRLCornell Information Assurance Institute supports a broad spectrum of research
aimed at developing a science and technology base to enhance information assurance and …
aimed at developing a science and technology base to enhance information assurance and …