The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Automated verification of noninterference is commonly considered more precise than type-based approach on enforcing secure information flow for program. We propose an approach on model checking symbolic pushdown system generated from Java bytecode, and develop a deployment-time verification framework to ensure noninterference of bytecode. In order to overcome the constraints brought by the nature...
Through analyzing the factors affecting software trustworthy, established the index system of trustworthy software estimation. Apply Analytic Hierarchy Process (AHP) to determine the relative importance of factors and indicator items affecting software trustworthy, and then determine the score of estimation index system through fuzzy estimation model, use the combination of both to measure software...
It is known that software system plays an important role in the information society, and high trustworthiness is a key requirement for many types of systems, such as safety critical systems, telecommunication systems, and mission critical software systems. How to improve the trustworthiness to better serve our society has become an important research focus among areas of software theory and technology...
In order to solve the problem of taxonomies overlap in software vulnerability, a method of vulnerability classifying based on text clustering in NVD (National Vulnerability Database) is proposed, and Cluster Overlap Index is used to evaluate Simplekmean, BisectingKMeans and BatchSom clustering algorithms. 45 main vulnerability clusters are selected from approximate 40,000 vulnerability records according...
Since attack graphs provide practical attack context and relationships among vulnerabilities, researchers have been trying to evaluate network security based on attack graphs. However, previous works focus their attention on specific evaluations they concerned, and each does things in his own way. There is no explicit way telling network administrators how to measure network security in a general...
This paper makes a comparative analysis of SaaS's relative merits from the aspects of cost, solution, software maintenance, network application and security. SaaS not only possesses the advantages of low upfront investment, flexible customization, rapid implementation and professional services but also has some disadvantages, such as higher long-term rent, lack of personalized solutions, network instability...
Protecting systems and data from malicious access and corruption requires the existence of effective security mechanisms and the correct configuration of those mechanisms. Configuring large software systems for security is a complex task, entailing a lot of expertise that many administrators do not have. This paper proposes a generic methodology to condense widespread information about security best...
The number of security errors and vulnerabilities can be reduced if a secure software development process (SSDP) is followed. Such a SSDP must cater for security aspects during each phase of development. In this paper, we present a new process that provides ways of addressing security concerns and incorporating security decisions throughout the software development process. Our process has two views:...
Customers always complain that anti-virus softwares bog down their computers by consuming much of PC memories and resources. With the popularity and variety of zero- day threats over the Internet, security companies have to keep on inserting new virus signatures into their databases. However, is the increasing size of the signature file the sole reason to drag computers to a crawl during the virus...
In this paper an overview of the challenges to long term preservation of digital objects is given. We highlight threats, which can be posed by humans, hardware/software, environment and institutions to long term digital preservation systems, with specific emphasis to security threats. Some technological solutions are described, and the Italian experience on long term digital preservation is briefly...
Through comprehensive analysis of software security vulnerability, a novel vulnerability detecting method based on similar characteristic is proposed in this paper. The method aims at C Code security detection. Based on Case-based Reasoning technology, the method performs similarity matching between security characteristic of source code and the characteristic of known security vulnerabilities, and...
Caches ideally should have low miss rates and short access times, and should be power efficient at the same time. Such design goals are often contradictory in practice. Recent findings on efficient attacks based on information leakage in caches have also brought the security issue up front. Design for security introduces even more restrictions and typically leads to significant performance degradation...
After systematic analysis of risk factors of information security and assessment process, a quantitative security assessment method is presented based on fuzzy number operations. Both the fuzziness of the indices and the uncertainty of weight determination are considered. Then the grades of fuzzy language variables are given, and the opinions of multi experts are integrated to triangular fuzzy numbers...
Secure software is crucial in todaypsilas software dependent world. However, most of the time, security is not addressed from the very beginning of a software development life cycle (SDLC), and it is only incorporated after the software has been developed. Even when security is considered since the inception of the software development, there is no concrete way to quantify security of an SDLC artifact...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.