论文信息 - Composing Security-Aware Software

Composing Security-Aware Software

This article addresses a key issue in security: how to inspire trust by disclosing security properties of software components to others in a component-based software development environment. The authors introduce a component security characterization framework in this endeavor that characterizes security properties by exposing software security profiles to others. The active interface lets software engineers know up front the impact of security properties of a composition's candidate components.

Khaled M. Khan | Jun Han

[1] Khaled M. Khan,et al. A framework for an active interface to characterise compositional security contracts of software components , 2001, Proceedings 2001 Australian Software Engineering Conference.

[2] William T. Councill. Third-Party Testing and the Quality of Software Components , 1999, IEEE Softw..

[3] Gary McGraw,et al. An Approach for Certifying Security in Software Components , 1998 .

[4] David J. Carney,et al. What Do You Mean by COTS? Finally, a Useful Answer , 2000, IEEE Softw..

[5] Jon Hopkins,et al. Component primer , 2000, CACM.

[6] Jeffrey M. Voas,et al. Certifying Software for High-Assurance Environments , 1999, IEEE Softw..

[7] Batya Friedman,et al. Trust online , 2000, CACM.