Controls Against Program Threats
The picture we have just described is not
pretty. There are many ways a program can fail and many ways to turn the
underlying faults into security failures. It is of course better to focus on
prevention than cure; how do we use controls during software developmentthe
specifying, designing, writing, and testing of the programto find and eliminate
the sorts of exposures we have discussed? The discipline of software
engineering addresses this question more globally, devising approaches to
ensure the quality of software. In this book, we provide an overview of several
techniques that can prove useful in finding and fixing security flaws. For more
depth, we refer you to texts such as Pfleeger et al. and Pfleeger and Atlee.
In this section we look at
three types of controls: developmental, operating system, and administrative.
We discuss each in turn.
Developmental Controls
Many controls can be applied
during software development to ferret out and fix problems. So let us begin by
looking at the nature of development itself, to see what tasks are involved in
specifying, designing, building, and testing software.
Related Topics
Privacy Policy, Terms and Conditions, DMCA Policy and Compliant
Copyright © 2018-2023 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.