Security Evaluation and Hardening of Free and Open Source Software (FOSS)

Authors
  1. Charpentier, R.
  2. Debbabi, M.
Corporate Authors
Defence R&D Canada - Valcartier, Valcartier QUE (CAN); Concordia Univ, Montreal Que (CAN) Computer Security Laboratory
Abstract
Recently, Free and Open Source Software (FOSS) emerged as an alternative to Commercial-Off-The-Shelf (COTS) software. Now, FOSS is perceived as a viable long-term solution that deserves careful consideration because of its potential for significant cost savings, improved reliability, and support advantages over proprietary software. However, the secure integration of FOSS in IT infrastructures is very challenging and demanding. Methodologies and technical policies must be adapted to reliably compose large FOSS-based software systems [1]. A DRDC Valcartier-Concordia University feasibility study completed in March 2004 concluded that the most promising approach for securing FOSS is to combine advanced design patterns and Aspect-Oriented Programming (AOP). Following the recommendations of this study, a three-year project has been conducted as a collaboration between Concordia University, DRDC Valcartier, and Bell Canada. This paper aims at presenting the main contributions of this project. It consists of a practical framework with the underlying solid semantic foundations for the security evaluation and hardening of FOSS.
Report Number
DRDC-VALCARTIER-SL-2010-113 — Scientific Literature
Date of publication
27 Apr 2010
Number of Pages
16
DSTKIM No
CA034144
CANDIS No
533538
Format(s):
Electronic Document (PDF)
