A Catalog of Security-oriented Program Transformations

Hafiz, Munawar; Adamczyk, Paul; Johnson, Ralph

A Catalog of Security-oriented Program Transformations

Hafiz, Munawar; Adamczyk, Paul; Johnson, Ralph

Permalink

https://hdl.handle.net/2142/10834

Description

Title

A Catalog of Security-oriented Program Transformations

Author(s)

Hafiz, Munawar
Adamczyk, Paul
Johnson, Ralph

Issue Date

2009-02

Keyword(s)

Computer Science

Abstract

Security requirements change, but the typical way of improving system security by patches is ad hoc and has not produced good results. Security improvements should be systematic, just as new features can be added to software systematically. It would be easier to improve the security of a system if we had a catalog of security-oriented program transformations that could be used to plan changes, to divide the work to make changes, and as a target of automation. This paper describes a catalog of security-oriented program transformations that were derived from security patterns. It describes several ways of categorizing these transformations, our first attempts at validating the catalog, and how the catalog can be used to improve the security of systems.

Type of Resource

text

Permalink

http://hdl.handle.net/2142/10834

A Catalog of Security-oriented Program Transformations

Hafiz, Munawar; Adamczyk, Paul; Johnson, Ralph

Permalink

Description

Owning Collections

Research and Tech Reports - Computer Science PRIMARY

A Catalog of Security-oriented Program Transformations

Hafiz, Munawar; Adamczyk, Paul; Johnson, Ralph

Permalink

Description

Owning Collections

Research and Tech Reports - Computer Science PRIMARY

Log In