What Might We Mean By "Secure Code" and How Might We Teach What We Mean?

What Might We Mean By "Secure Code" and How Might We Teach What We Mean?

To add precision to the term "secure code," several concepts from the area of high assurance system development are introduced. These allow the cost, in terms of organizational damage, to information asset owners of the lack of various forms of protection to be explored. The notion of syst...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
1. Verfasser: Irvine, C.E.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Asset management
Computer network management
Computer networks
Computer security
Costs
Explosions
Information management
Protection
Rabbits
Rails
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 22
container_issue
container_start_page 22
container_title
container_volume
creator Irvine, C.E.
description To add precision to the term "secure code," several concepts from the area of high assurance system development are introduced. These allow the cost, in terms of organizational damage, to information asset owners of the lack of various forms of protection to be explored. The notion of system assurance levels is introduced as a solution to the combinatorial explosion of damage classes. Our approach to ensuring that students know how to construct evaluatable components, and as a by-product, "secure code," is discussed.
doi_str_mv 10.1109/CSEETW.2006.24
format Conference Proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_1644093</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>1644093</ieee_id><sourcerecordid>1644093</sourcerecordid><originalsourceid>FETCH-LOGICAL-i90t-fcab21c27b5c2bd3569485081a27c70117bcc46ae8b8ddb62c29fd06a26e34743</originalsourceid><addsrcrecordid>eNpFjEtLw0AYABdEqNRce_Gy9J747Xv3JBqiEVo8NJBj2ccXE9FWkoj03wta8DSXmSFkxaBgDNxtuauqpi04gC64vCCZMxaMdopraeyCZNP0BgDMaSOUvSJ12_uZbofXfqYt0i36A3040fUO49eItDwmXFN_SLQ-fv9rDfrY09_0HN1dk8vOv0-YnbkkzWPVlHW-eXl6Lu83-eBgzrvoA2eRm6AiD0ko7aRVYJnnJhpgzIQYpfZog00paB656xJozzUKaaRYkpu_7YCI-89x-PDjac-0lOCE-AFim0dN</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>What Might We Mean By "Secure Code" and How Might We Teach What We Mean?</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Irvine, C.E.</creator><creatorcontrib>Irvine, C.E.</creatorcontrib><description>To add precision to the term "secure code," several concepts from the area of high assurance system development are introduced. These allow the cost, in terms of organizational damage, to information asset owners of the lack of various forms of protection to be explored. The notion of system assurance levels is introduced as a solution to the combinatorial explosion of damage classes. Our approach to ensuring that students know how to construct evaluatable components, and as a by-product, "secure code," is discussed.</description><identifier>ISBN: 9780769526478</identifier><identifier>ISBN: 0769526470</identifier><identifier>DOI: 10.1109/CSEETW.2006.24</identifier><language>eng</language><publisher>IEEE</publisher><subject>Asset management ; Computer network management ; Computer networks ; Computer security ; Costs ; Explosions ; Information management ; Protection ; Rabbits ; Rails</subject><ispartof>19th Conference on Software Engineering Education and Training Workshops (CSEETW'06), 2006, p.22-22</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/1644093$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,776,780,785,786,2052,4036,4037,27902,54895</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/1644093$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Irvine, C.E.</creatorcontrib><title>What Might We Mean By "Secure Code" and How Might We Teach What We Mean?</title><title>19th Conference on Software Engineering Education and Training Workshops (CSEETW'06)</title><addtitle>CSEETW</addtitle><description>To add precision to the term "secure code," several concepts from the area of high assurance system development are introduced. These allow the cost, in terms of organizational damage, to information asset owners of the lack of various forms of protection to be explored. The notion of system assurance levels is introduced as a solution to the combinatorial explosion of damage classes. Our approach to ensuring that students know how to construct evaluatable components, and as a by-product, "secure code," is discussed.</description><subject>Asset management</subject><subject>Computer network management</subject><subject>Computer networks</subject><subject>Computer security</subject><subject>Costs</subject><subject>Explosions</subject><subject>Information management</subject><subject>Protection</subject><subject>Rabbits</subject><subject>Rails</subject><isbn>9780769526478</isbn><isbn>0769526470</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2006</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNpFjEtLw0AYABdEqNRce_Gy9J747Xv3JBqiEVo8NJBj2ccXE9FWkoj03wta8DSXmSFkxaBgDNxtuauqpi04gC64vCCZMxaMdopraeyCZNP0BgDMaSOUvSJ12_uZbofXfqYt0i36A3040fUO49eItDwmXFN_SLQ-fv9rDfrY09_0HN1dk8vOv0-YnbkkzWPVlHW-eXl6Lu83-eBgzrvoA2eRm6AiD0ko7aRVYJnnJhpgzIQYpfZog00paB656xJozzUKaaRYkpu_7YCI-89x-PDjac-0lOCE-AFim0dN</recordid><startdate>2006</startdate><enddate>2006</enddate><creator>Irvine, C.E.</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>2006</creationdate><title>What Might We Mean By "Secure Code" and How Might We Teach What We Mean?</title><author>Irvine, C.E.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i90t-fcab21c27b5c2bd3569485081a27c70117bcc46ae8b8ddb62c29fd06a26e34743</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2006</creationdate><topic>Asset management</topic><topic>Computer network management</topic><topic>Computer networks</topic><topic>Computer security</topic><topic>Costs</topic><topic>Explosions</topic><topic>Information management</topic><topic>Protection</topic><topic>Rabbits</topic><topic>Rails</topic><toplevel>online_resources</toplevel><creatorcontrib>Irvine, C.E.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Irvine, C.E.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>What Might We Mean By "Secure Code" and How Might We Teach What We Mean?</atitle><btitle>19th Conference on Software Engineering Education and Training Workshops (CSEETW'06)</btitle><stitle>CSEETW</stitle><date>2006</date><risdate>2006</risdate><spage>22</spage><epage>22</epage><pages>22-22</pages><isbn>9780769526478</isbn><isbn>0769526470</isbn><abstract>To add precision to the term "secure code," several concepts from the area of high assurance system development are introduced. These allow the cost, in terms of organizational damage, to information asset owners of the lack of various forms of protection to be explored. The notion of system assurance levels is introduced as a solution to the combinatorial explosion of damage classes. Our approach to ensuring that students know how to construct evaluatable components, and as a by-product, "secure code," is discussed.</abstract><pub>IEEE</pub><doi>10.1109/CSEETW.2006.24</doi><tpages>1</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISBN: 9780769526478
ispartof 19th Conference on Software Engineering Education and Training Workshops (CSEETW'06), 2006, p.22-22
issn
language eng
recordid cdi_ieee_primary_1644093
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Asset management
Computer network management
Computer networks
Computer security
Costs
Explosions
Information management
Protection
Rabbits
Rails
title What Might We Mean By "Secure Code" and How Might We Teach What We Mean?
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-03T13%3A23%3A43IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=What%20Might%20We%20Mean%20By%20%22Secure%20Code%22%20and%20How%20Might%20We%20Teach%20What%20We%20Mean?&rft.btitle=19th%20Conference%20on%20Software%20Engineering%20Education%20and%20Training%20Workshops%20(CSEETW'06)&rft.au=Irvine,%20C.E.&rft.date=2006&rft.spage=22&rft.epage=22&rft.pages=22-22&rft.isbn=9780769526478&rft.isbn_list=0769526470&rft_id=info:doi/10.1109/CSEETW.2006.24&rft_dat=%3Cieee_6IE%3E1644093%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=1644093&rfr_iscdi=true