Security Properties of Software Components

摘要

This paper classifies security properties of software components into two broad categories: (1) non-functional security (NFS) properties, and (2) properties as security function (SF). Non-functional security properties are codified and embedded with the component functionality, whereas, properties as security functions are employed as external protection to the component. In most cases, users may add additional external protection to the binary form of the component. This classification could be used to determien how much the overall security of the component is dependent on the non-functional security properties of the component and to what extent the additional external protections are required in order to use the component in their specific application environment.