Vis enkel innførsel

dc.contributor.authorSassoon, Richard
dc.contributor.authorJaatun, Martin Gilje
dc.contributor.authorJensen, Jostein
dc.date.accessioned2017-07-10T10:36:37Z
dc.date.available2017-07-10T10:36:37Z
dc.date.created2010-09-01T12:08:53Z
dc.date.issued2010
dc.identifier.citationThe road to Hell is paved with good intentions: A story of (in)secure software development. I: Proceedings of the Fifth International Conference on Avaliability, Reliability and Security: ARES 2010. IEEE 2010 ISBN 9780769539652. s. 501-506nb_NO
dc.identifier.isbn9780769539652
dc.identifier.urihttp://hdl.handle.net/11250/2448303
dc.description.abstractIn this paper, we present the results of a security assessment performed on a home care system based on SOA, realized as web services. The security design concepts of this platform were specifically tailored to meet new security challenges and to be compliant with legal frameworks applicable to the healthcare domain. This security design was fed as input to the development team,which implemented the system. However, our assessment revealed a software platform with severe security weaknesses and vulnerabilities, demonstrating pitfalls that are, or should be, well known.Our experience re-confirms that security must be built as an intrinsic software property and emphasizes the need for security awareness throughout the whole software development lifecycle.nb_NO
dc.language.isoengnb_NO
dc.publisherIEEEnb_NO
dc.relation.ispartofProceedings of the Fifth International Conference on Avaliability, Reliability and Security: ARES 2010
dc.titleThe road to Hell is paved with good intentions: A story of (in)secure software developmentnb_NO
dc.typeChapternb_NO
dc.description.versionacceptedVersionnb_NO
dc.source.pagenumber501-506nb_NO
dc.identifier.doi10.1109/ARES.2010.44
dc.identifier.cristin40972
dc.description.localcode© 2010 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other worksnb_NO
cristin.unitcode194,63,10,0
cristin.unitnameInstitutt for datateknikk og informasjonsvitenskap
cristin.ispublishedtrue
cristin.fulltextpostprint
cristin.qualitycode1


Tilhørende fil(er)

Thumbnail

Denne innførselen finnes i følgende samling(er)

Vis enkel innførsel