Security Code Review with Static Analysis Techniques for the Detection and Remediation of Security Vulnerabilities
Title:
Security Code Review with Static Analysis Techniques for the Detection and Remediation of Security Vulnerabilities
Author:
Thomas, Tyler William, author.
ISBN:
9780438010642
Physical Description:
1 electronic resource (203 pages)
General Note:
Source: Dissertation Abstracts International, Volume: 79-10(E), Section: B.
Advisors: Heather Lipford. Committee members: Shenen Chen; Bill Chu; Mohamed Shehab; Weichao Wang.
Abstract:
Security problems are both a large and growing concern today. Many security breaches are the result of security vulnerabilities introduced during the code construction phase. These vulnerabilities sometimes occur due to poor security training of the developer, and sometimes they are simply created by accident. Static analysis, examination of the application source code with a specialty tool, is the current solution to this problem. Unfortunately, this process produces an extremely large amount of false positives. It also cannot detect application specific issues without custom rules for each application. Consequently, these tools are often used only by security experts or abandoned entirely. In this dissertation, I conduct an interview study of application security experts to gain an understanding of their workflows and the organizational, technical, and communication challenges they face today. From these findings, I introduce tool assisted security code review fed by interactive static analysis and interactive annotation as a solution to detect and remediate greater numbers of vulnerabilities. In this dissertation, I also explore the process, warnings, and collaboration between the various roles of users for this type of tool. Lastly, I provide a set of design guidelines for security code review tools.
Notes:
School code: 0694
Available:*
Call Number | Item Number | Shelf Location | Location / Status / Due Date |
---|---|---|---|
XX(681861.1) | 681861-1001 | Proquest E-Tez Koleksiyonu | Searching... |
On Order