The Second International Conference on Availability, Reliability and Security (ARES'07)
pp. 1042-1051
Secure Software Development through Coding Conventions and Frameworks
Takao Okubo, Fujitsu Laboratories Ltd., Institute of Information Security
Hidehiko Tanaka, Fujitsu Laboratories Ltd., Institute of Information Security
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2007.131
Abstract
It is difficult to apply existing software development
methods to security concerns. Using software for
security testing purposes, in particular, is hard to do.
The fact that there is a restriction on the
implementation of software affects the ease with which
security can be tested. In this paper we propose a
decision process of coding conventions for security,
mindful of testing security. Then, we apply our method
to preventing injection attacks on Web application
programs, and establish some coding conventions that
can be used against injection attacks and cross site
scripting. We also discuss security frameworks, which
are also useful as conventions.
Citation: Takao Okubo, Hidehiko Tanaka, "Secure Software Development through Coding Conventions and Frameworks," The Second International Conference on Availability, Reliability and Security (ARES'07), pp. 1042-1051, 2007