A call to action look beyond the horizon
暂无分享,去创建一个
[1] J. Meseguer,et al. Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.
[2] Ken Frazer,et al. Building secure software: how to avoid security problems the right way , 2002, SOEN.
[3] Yang Meng Tan,et al. LCLint: a tool for using specifications to check code , 1994, SIGSOFT '94.
[4] Gary McGraw,et al. From the Ground Up: The DIMACS Software Security Workshop , 2003, IEEE Secur. Priv..
[5] Barton P. Miller,et al. An empirical study of the reliability of UNIX utilities , 1990, Commun. ACM.
[6] Gary McGraw,et al. ITS4: a static vulnerability scanner for C and C++ code , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).
[7] Dawson R. Engler,et al. Using programmer-written compiler extensions to catch security holes , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.
[8] Gary McGraw,et al. Attacking Malicious Code: A Report to the Infosec Research Council , 2000, IEEE Software.
[9] Gary McGraw,et al. Statically Scanning Java Code: Finding Security Vulnerabilities , 2000, IEEE Software.
[10] David Evans,et al. Statically Detecting Likely Buffer Overflow Vulnerabilities , 2001, USENIX Security Symposium.
[11] Morrie Gasser,et al. Building a Secure Computer System , 1988 .
[12] Sacha Brostoff,et al. Transforming the ‘Weakest Link’ — a Human/Computer Interaction Approach to Usable and Effective Security , 2001 .
[13] Paul Dourish,et al. Unpacking "privacy" for a networked world , 2003, CHI '03.
[14] Crispan Cowan,et al. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks , 1998, USENIX Security Symposium.
[15] Jerome H. Saltzer,et al. The protection of information in computer systems , 1975, Proc. IEEE.
[16] William A. Arbaugh,et al. IEEE 52 Computer , 1985 .
[17] Paul Jones,et al. Secrets and Lies: Digital Security in a Networked World , 2002 .
[18] Benedict G. E. Wiedemann. Protection? , 1998, Science.
[19] Matt Bishop,et al. Checking for Race Conditions in File Accesses , 1996, Comput. Syst..
[20] Andrew C. Myers,et al. Language-based information-flow security , 2003, IEEE J. Sel. Areas Commun..
[21] FrazerKen. Building secure software , 2002 .
[22] Dan S. Wallach,et al. Java security: from HotJava to Netscape and beyond , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.
[23] Ross J. Anderson. Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .
[24] Barton P. Miller,et al. Fuzz Revisited: A Re-examination of the Reliability of UNIX Utilities and Services , 1995 .
[25] Dawson R. Engler,et al. Checking system rules using system-specific, programmer-written compiler extensions , 2000, OSDI.
[26] William R. Bush,et al. A static analyzer for finding dynamic programming errors , 2000, Softw. Pract. Exp..
[27] Gary McGraw,et al. Securing Java: getting down to business with mobile code , 1999 .
[28] Gary McGraw,et al. An automated approach for identifying potential vulnerabilities in software , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).