Certifying e-commerce software for security

This paper briefly describes work in progress at Reliable Software Technologies on a process for certifying the security of software. We are not concerned with how well the resulting software meets its intended functionality, but with the extent to which it behaves securely. We define certifying software as analyzing software until confidence is gained in its security or until it can be demonstrated that the software fails to meet the security policy.
