{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

jan17 - CS 426 class...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
CS 426 class Jan 17, 2012 www.cs.purdue.edu/homes/ssw/cs426/{index.html,syll.pdf,outline} (General purpose) Program security These ideas apply also to OS and DB. Read Chapter 3 What does it mean for a pgm to be secure? Depends whom you ask. Takes a long time to break its security controls Has run for 9 weeks with no failure Contains no potential security flaw A program fault is an unexpected (bad) behavior of a pgm Which program is more secure? 1. pgm with 100 faults discovered and fixed 2. a similar pgm with 20 faults discovered and fixed Early computer security was "penetrate and patch" Not a good solution because: 1. narrow focus on a fault ignores the context 2. fault may have nonobvious side effects 3. fixing one problem may cause another 4. fault not fixed because the fixed system wouldn't work A better approach to computer security (via software engineering) program security flaw = pgm behavior not what designers intended or users expected. Flaws may be either inadvertent human errors or malicious, intentional flaws.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}