Why developers insert security vulnerabilities into their code

Proceedings of the 2nd International Conferences on Advances in Computer-Human Interactions, ACHI 2009

Volumn , Issue , 2009, Pages 289-294

  Karppinen, Kaarina ^a   Yonkwa, Lyly ^b   Lindvall, Mikael ^b  

^a VTT TECHNICAL RESEARCH CENTRE OF FINLAND   (Finland)

^b Fraunhofer Center of Experimental Software   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

INTEGRATION TESTING; SECURITY VULNERABILITIES; SOFTWARE REQUIREMENTS; SOFTWARE SYSTEMS; TESTABILITIES;

INTERACTIVE COMPUTER SYSTEMS;

SOFTWARE TESTING;

EID: 63749094275     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ACHI.2009.18     Document Type: Conference Paper

References (11)

1. R.J. Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems, Wiley, 2001.
2. S. Ardi, D. Byers, P. Meland, I.A. Tondel, and N. Shahmehri, "How can the developer benefit from security modeling?", Proceedings of The Second International Conference on Availability, Reliability and Security, ARES 2007, 1017-1025, 10-13 April 2007.
3. L.F. Cranor, and S. Garfinkel, Security and Usability -Designing Secure Systems That People Can Use. O'Reilly Media Inc, 2005.
4. G. Dennis, TSAFE: building a trusted computing base for air traffic control software. Masters Thesis, Computer Science Dept., Massachusetts Inst. Technology, 2003.
5. H. Erzberger, "The automated airspace concept", In the 4th USA/Europe air traffic management R&D seminar, Santa Fe, New-Mexico, USA, 2001.
6. M. Lindvall, I. Rus, P. Donzelli, A. Memon, M. Zelkowitz, A. Betin-Can, T. Bultan, C. Ackermann, B. Anders, S. Asgari, V. Basili, L. Hochstein, J. Fellmann, F. Shull, R. Tvedt, D. Pech, and D. Hirschbach, "Experimenting with software testbeds for evaluating new technologies", Empirical Software Engineering, Vol. 12, No. 4. (August 2007), 417-444.
7. J. Nielsen, Usability Engineering. Academic Press, Inc, 1993.
8. J. Nielsen, J. "Iterative User-Interface Design". Computer, Vol. 26, no. 11 (Nov. 1993), 32-41.
9. C.P. Pfleeger, and S.L. Pfleeger, Security in computing, 4th ed. Prentice Hall, 2007.
10. M. Schumacher, E. Fernandez-Buglioni, D. Hybertson, F. Buschmann, and P. Sommerlad, Security Patterns: Integrating Security and Systems Engineering, John Wiley & Sons, Ltd, 2006.
11. J. Viega, and G. McGraw, Building Secure Software: How to Avoid Security Problems the Right Way, Addison-Wesley, 2002.