Report: Measuring the Attack Surfaces of Enterprise Software

Authors :
Yuecel Karabulut
Pratyusa K. Manadhata
Jeannette M. Wing
Source :
Lecture Notes in Computer Science ISBN: 9783642001987, ESSoS
Publication Year :
2009
Publisher :
Springer Berlin Heidelberg, 2009.

Abstract

Software vendors are increasingly concerned about mitigating the security risk of their software. Code quality improvement is a traditional approach to mitigate security risk; measuring and reducing the attack surface of software is a complementary approach. In this paper, we apply a method for measuring attack surfaces to enterprise software written in Java. We implement a tool as an Eclipse plugin to measure an SAP software system's attack surface in an automated manner. We demonstrate the feasibility of our approach by measuring the attack surfaces of three versions of an SAP software system. We envision our measurement method and tool to be useful to software developers for improving software security and quality.

Details

ISBN :
978-3-642-00198-7
Database :
OpenAIRE
Journal :
Lecture Notes in Computer Science ISBN: 9783642001987, ESSoS
Accession number :
edsair.doi...........ae91686506053c7fe72203e76e78c950