• norsk
    • English
  • English 
    • norsk
    • English
  • Login
View Item 
  •   Home
  • Fakultet for arkitektur og design (AD)
  • Institutt for design
  • View Item
  •   Home
  • Fakultet for arkitektur og design (AD)
  • Institutt for design
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

Data collection on security flaws caused by design errors

Terkelsen, Harald
Master thesis
Thumbnail
View/Open
Terkelsen - Data collection on security flaws caused by design.pdf (611.6Kb)
URI
http://hdl.handle.net/11250/144046
Date
2006
Metadata
Show full item record
Collections
  • Institutt for design [797]
Abstract
Producing secure software is extremely hard to do right. The number of security flaws

and vulnerabilities discovered in software each day is increasing at high speed. According

to the National Vulnerability Database the number of vulnerabilities discovered in 2005

was 4859, more than twice the number of vulnerabilities discovered the year before.

One way to classify vulnerabilities is to classify them after when in the development

phase they are introduced.

Other phases like analysis (requirements), testing, or maintenance phase are also

sometimes used.

This thesis is a study of security related flaws with origin in the design phase. Such

flaws are rooted in the design of the software, and exist even if the programmer implements

the design perfectly making no mistakes in the programming. Security related

design flaws are a lot about how security mechanisms like authentication, authorization

and encryption are used and implemented, or how error handling is performed. Typical

examples of design flaws include weak encryption, missing or insufficient access control.

Contact Us | Send Feedback

Privacy policy
DSpace software copyright © 2002-2019  DuraSpace

Service from  Unit
 

 

Browse

ArchiveCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsDocument TypesJournalsThis CollectionBy Issue DateAuthorsTitlesSubjectsDocument TypesJournals

My Account

Login

Statistics

View Usage Statistics

Contact Us | Send Feedback

Privacy policy
DSpace software copyright © 2002-2019  DuraSpace

Service from  Unit