Integrated Security Verification and Validation: Case Study

Abstract : In most current approaches to software security, secu- rity flaws are fixed only after they have been exploited. To increase user confidence in software products, the software industry needs more proactive and durable security solu- tions by addressing security requirements throughout the software system lifecycle, including requirements and de- sign specification, testing, and maintenance phases. Appro- priate security analysis techniques must be used for each of these phases. In this paper, we illustrate an integrated se- curity analysis framework, which combines a quantitative design security analysis technique, with a static program analyzer, which tracks unsafe information flows. We illus- trate the framework by presenting a case study based on medical information card.
Type de document :
Communication dans un congrès
Proc. of the Second IEEE LCN Workshop on Network Security (WoNS 2006), held in conjunction with the 31st Annual IEEE Conference on Local Computer Networks (LCN 2006), 2006, Tampa, Florida, United States. pp.1000-1006, 2006, 〈10.1109/LCN.2006.322215〉
Liste complète des métadonnées

https://hal.inria.fr/inria-00546614
Contributeur : Isabelle Simplot-Ryl <>
Soumis le : mardi 14 décembre 2010 - 14:41:41
Dernière modification le : jeudi 11 janvier 2018 - 06:22:13

Identifiants

Collections

Citation

Dorina Ghindici, Gilles Grimaud, Isabelle Simplot-Ryl, Issa Traore, Yanguo Liu. Integrated Security Verification and Validation: Case Study. Proc. of the Second IEEE LCN Workshop on Network Security (WoNS 2006), held in conjunction with the 31st Annual IEEE Conference on Local Computer Networks (LCN 2006), 2006, Tampa, Florida, United States. pp.1000-1006, 2006, 〈10.1109/LCN.2006.322215〉. 〈inria-00546614〉

Partager

Métriques

Consultations de la notice

146