Risk analysis in software design

IEEE Security and Privacy

Volumn 2, Issue 4, 2004, Pages 79-84

  Verdon, Denis ^a   McGraw, Gary ^b  

^a Fidelity National Financial ^*

^b Cigital   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CONTRACTS; COSTS; CRYPTOGRAPHY; DATA REDUCTION; INFORMATION ANALYSIS; ITERATIVE METHODS; LAWS AND LEGISLATION; MATHEMATICAL MODELS; PERSONAL COMPUTERS; PROBABILITY; RISK ASSESSMENT; SOCIETIES AND INSTITUTIONS; WEBSITES;

INFORMATION SYSTEMS; RISK MEASUREMENT; SOFTWARE DEVELOPMENT LIFE CYCLE; SOFTWARE SYSTEMS;

SOFTWARE ENGINEERING;

EID: 4344569744     PISSN: 15407993     EISSN: None     Source Type: Journal    
DOI: 10.1109/MSP.2004.55     Document Type: Review

References (6)

1. G. McGraw, "Software Security," IEEE Security & Privacy, vol. 2, no. 2, 2004, pp. 80-83.
2. H. Cavusoglu, B. Mishra, and S. Raghunathan, The Effect of Internet Security Breach Announcements on Market Value of Breached Firms and Internet Security Developers, tech. report, Univ. of Texas at Dallas, School of Management, Feb. 2002; www.utdallas.edu/~huseyin/breach.pdf.
3. M. Howard and D. LaBlanc, Writing Secure Code, 2nd ed., Microsoft Press, 2003.
4. G. Hoglund and G. McGraw, Exploiting Software, Addison-Wesley, 2004.
5. J. Viega and G. McGraw, Building Secure Software: How to Avoid Security Problems the Right Way, Addison-Wesley, 2001.
6. G. Sindre and A.L. Opdahl, "Eliciting Security Requirements by Mis-use Cases," Proc. 37th Technology of Object-Oriented Languages and Systems (TOOLS-37), IEEE CS Press, 2000.