$ZTD$_{JAVA}$: Mitigating Software Supply Chain Vulnerabilities via Zero-Trust Dependencies$

ZTD$_{JAVA}$: Mitigating Software Supply Chain Vulnerabilities via Zero-Trust Dependencies

Third-party libraries like Log4j accelerate software application development but introduce substantial risk. Vulnerabilities in these libraries have led to Software Supply Chain (SSC) attacks that compromised resources within the host system. These attacks benefit from current application permission...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	arXiv.org 2024-12
Hauptverfasser:	Amusuo, Paschal C, Robinson, Kyle A, Singla, Tanmay, Peng, Huiyun, Machiry, Aravind, Torres-Arias, Santiago, Simon, Laurent, Davis, James C
Format:	Artikel
Sprache:	eng
Schlagworte:	Algorithms Data structures Lumping Operators Packages Security Software Software engineering Source code Supply chains Tooling
Online-Zugang:	Volltext
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

Schreiben Sie den ersten Kommentar!

ZTD\(_{JAVA}\): Mitigating Software Supply Chain Vulnerabilities via Zero-Trust Dependencies