Susceptibility Matrix: A New Aid to Software Auditing

IEEE Security and Privacy

Volumn 2, Issue 2, 2004, Pages 16-21

  Jiwnani, Kanta ^a   Vin Zelkowitz, Mar ^a,b  

^a UNIVERSITY OF MARYLAND   (United States)

^b University of Maryland ^*  (United States)

Author keywords

[No Author keywords available]

Indexed keywords

SOFTWARE AUDITING; SUSCEPTIBILITY MATRIX; TAXONOMY; VULNERABILITIES;

COMPUTER SOFTWARE; DATABASE SYSTEMS; ITERATIVE METHODS; MATRIX ALGEBRA; PROFESSIONAL ASPECTS; RISK ASSESSMENT; SOCIETIES AND INSTITUTIONS; SOFTWARE ENGINEERING; SYSTEMS ANALYSIS;

SECURITY OF DATA;

EID: 2342512768     PISSN: 15407993     EISSN: None     Source Type: Journal    
DOI: 10.1109/MSECP.2004.1281240     Document Type: Review

References (6)

1. C.E. Landwehr et al., "A Taxonomy of Computer Program Security Flaws," ACM Computing Surveys, vol. 26, no. 3, 1994, pp. 211-254.
2. K. Jiwnani and M. Zelkowitz, "Maintaining Software with a Security Perspective," IEEE Int'l Conf. Software Maintenance, IEEE CS Press, 2002, pp. 194-203.
3. R.A. Martin, "Managing Vulnerabilities in Networked Systems," Computer, vol. 34, no. 11, 2001, pp. 32-38.
4. K. Jiwnani, Integrating Sofware Testing with Security Concerns, masters thesis, Univ. of Maryland, Computer Science Dept., Dec. 2002.
5. C. Cowan, "Software Security for Open-Source Systems," IEEE Security & Privacy, vol. 1, no. 1, 2003, pp. 38-45.
6. G. McGraw and J. Viega, "Chapter 6: Auditing Software," Building Secure Software: How to Avoid Security Problems the Right Way, Addison-Wesley, 2001, pp. 115-133.