Skip to Main content Skip to Navigation
Conference papers

Integrated Security Verification and Validation: Case Study

Abstract : In most current approaches to software security, secu- rity flaws are fixed only after they have been exploited. To increase user confidence in software products, the software industry needs more proactive and durable security solu- tions by addressing security requirements throughout the software system lifecycle, including requirements and de- sign specification, testing, and maintenance phases. Appro- priate security analysis techniques must be used for each of these phases. In this paper, we illustrate an integrated se- curity analysis framework, which combines a quantitative design security analysis technique, with a static program analyzer, which tracks unsafe information flows. We illus- trate the framework by presenting a case study based on medical information card.
Document type :
Conference papers
Complete list of metadata
Contributor : Isabelle Simplot-Ryl Connect in order to contact the contributor
Submitted on : Tuesday, December 14, 2010 - 2:41:41 PM
Last modification on : Wednesday, February 23, 2022 - 11:58:02 AM




Dorina Ghindici, Gilles Grimaud, Isabelle Simplot-Ryl, Issa Traore, Yanguo Liu. Integrated Security Verification and Validation: Case Study. Proc. of the Second IEEE LCN Workshop on Network Security (WoNS 2006), held in conjunction with the 31st Annual IEEE Conference on Local Computer Networks (LCN 2006), 2006, Tampa, Florida, United States. pp.1000-1006, ⟨10.1109/LCN.2006.322215⟩. ⟨inria-00546614⟩



Record views