Prescriptive vs. Descriptive Security: Observations on a growing paradigm shift in development security practices

Prescriptive vs. Descriptive Security: Observations on a growing paradigm shift in development security practices

Over the past decade, a variety of methods have been created to address security vulnerabilities in application software development. Generally speaking, the methods that have risen to prominence can be categorized in two ways — prescriptive methods that emphasize the use of security practices and t...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Datenschutz und Datensicherheit 2012-09, Vol.36 (9), p.631-634
Hauptverfasser: Ladd, David C., Lipner, Steven B.
Format: Magazinearticle
Sprache:eng
Schlagworte:
Coding and Information Theory
Computer Science
Cryptology
Data Structures and Information Theory
Schwerpunkt
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Over the past decade, a variety of methods have been created to address security vulnerabilities in application software development. Generally speaking, the methods that have risen to prominence can be categorized in two ways — prescriptive methods that emphasize the use of security practices and techniques as part of a carefully monitored and repeatable security initiative, and descriptive methods that describe a set of security threats that should be addressed.
ISSN:1614-0702
1862-2607
DOI:10.1007/s11623-012-0216-1