A taxonomy of computer program security flaws

An organized record of actual flaws can be useful to computer system designers, programmers, analysts, administrators, and users. This survey provides a taxonomy for computer program security flaws, with an Appendix that documents 50 actual security flaws. These flaws have all been described previously in the open literature, but in widely separated places. For those new to the field of computer security, they provide a good introduction to the characteristics of security flaws and how they can arise. Because these flaws were not randomly selected from a valid statistical sample of such flaws, we make no strong claims concerning the likely distribution of actual security flaws within the taxonomy. However, this method of organizing security flaw data can help those who have custody of more representative samples to organize them and to focus their efforts to remove and, eventually, to prevent the introduction of security flaws.
