A Contextual Guidance Approach to Software Security

Authors
  1. Schugerl, P.
  2. Walsh, D.
  3. Rilling, J.
  4. Charland, P.
Corporate Authors
Defence R&D Canada - Valcartier, Valcartier QUE (CAN); Concordia Univ, Montreal Que (CAN) Dept of Computer Science and Software Engineering
Abstract
With the ongoing trend towards the globalization of software systems and their development, components in these systems might not only work together, but may end up evolving independently from each other. Modern IDEs have started to incorporate support for these highly distributed environments, by adding new collaborative features. As a result, assessing and controlling system quality (e.g., security concerns) during system evolution in these highly distributed systems become a major challenge. In this research, we introduce a unified ontological representation that integrates best security practices in a context-aware tool implementation. As part of our approach, we integrate information from traditional static source code analysis with semantically rich structural information in a unified ontological representation. We illustrate through several use cases how our approach can support the evolvability of software systems from a security quality perspective.
Report Number
DRDC-VALCARTIER-SL-2009-189 — Scientific Literature
Date of publication
01 Sep 2009
Number of Pages
6
DSTKIM No
CA032966
CANDIS No
532200
Format(s):
Document Image stored on Optical Disk
