Report: Measuring the Attack Surfaces of Enterprise Software

机译：报告：测量企业软件的攻击面

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

Software vendors are increasingly concerned about mitigating the security risk of their software. Code quality improvement is a traditional approach to mitigate security risk; measuring and reducing the attack surface of software is a complementary approach. In this paper, we apply a method for measuring attack surfaces to enterprise software written in Java. We implement a tool as an Eclipse plugin to measure an SAP software system's attack surface in an automated manner. We demonstrate the feasibility of our approach by measuring the attack surfaces of three versions of an SAP software system. We envision our measurement method and tool to be useful to software developers for improving software security and quality.

机译：软件供应商越来越关注减轻其软件的安全风险。提高代码质量是减轻安全风险的传统方法。测量和减少软件的攻击面是一种补充方法。在本文中，我们将一种用于测量攻击面的方法应用于用Java编写的企业软件。我们将工具实现为Eclipse插件，以自动方式测量SAP软件系统的攻击面。我们通过测量三个版本的SAP软件系统的攻击面来证明我们的方法的可行性。我们设想我们的测量方法和工具将对软件开发人员有用，以改善软件的安全性和质量。

著录项

来源
《Engineering secure software and systems》|2009年|91-100|共10页
会议地点 Leuven(BE);Leuven(BE)
作者
Pratyusa K. Manadhata; Yuecel Karabulut; Jeannctte M. Wing;
展开▼
作者单位

Carnegie Mellon Univeristy, Pittsburgh, PA, USA;

SAP Research, Palo Alto, CA, USA;

Carnegie Mellon Univeristy, Pittsburgh, PA, USA;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类计算机软件;
关键词

相似文献

外文文献
中文文献
专利

1. Measuring and Reporting on Social Performance: From Numbers and Narratives to a Useful Reporting Framework for Social Enterprises [J] . Belinda Luke Social and Environmental Accountability Journal . 2016,第2期

机译：衡量和报告社会绩效：从数字和叙述到社会企业的有用报告框架
2. Measuring the maturity of Indian small and medium enterprises for unofficial readiness for capability maturity model integration-based software process improvement [J] . Ashima Singh, Sukhpal Singh Gill Journal of software maintenance and evolution rsearch and practice . 2020,第9期

机译：衡量印度中小企业的成熟，为非官方准备算法，基于能力成熟模型集成的软件过程改进
3. DYNAMIC DATA COLLECTION AND REPORT WRITING SOFTWARE FOR SURVEYORS LAUNCHED VIA ABE ENTERPRISES LTD [J] . Building Engineer . 2009,第10期

机译：通过安倍企业有限公司推出的调查员的动态数据收集和报告编写软件
4. Report: Measuring the Attack Surfaces of Enterprise Software [C] . Pratyusa K. Manadhata, Yuecel Karabulut, Jeannette M. Wing International Symposium on Engineering Secure Software and Systems . 2009

机译：报告：测量企业软件的攻击曲面
5. Accounting and financial reporting for development-stage enterprises: An empirical investigation of SFAS No. 7. [D] . Francis, Rick Neil. 2002

机译：发展阶段企业的会计和财务报告：对SFAS No. 7的实证研究。
6. AO Patient Outcomes Center: Design Implementation and Evaluation of a Software Application for the Collection of Patient-Reported Outcome Measures in Orthopedic Outpatient Clinics [O] . Nan E Rothrock, Michael Bass, Andrea Blumenthal, 2019

机译：AO患者结果中心：骨科门诊患者收集的患者报告的治疗结果收集软件应用程序的设计实施和评估
7. Report: Measuring the Attack Surfaces of Enterprise Software [O] . Pratyusa K. Manadhata, Yuecel Karabulut, Jeannette M. Wing 2009

机译：报告：测量企业软件的攻击面
8. Approach to Measuring a System's Attack Surface [R] . Manadhata, P. K. , Tan, K. M. , Maxion, R. A. , 2007

机译：测量系统攻击面的方法

Report: Measuring the Attack Surfaces of Enterprise Software

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅