CrossTalk: The Journal of Defense Software Engineering. Volume 18, Number 10

Abstract

"Engineering Security Into the Software Development Life Cycle," by Gary M. McGraw and Nancy R. Mead -- The Build Security In Software Assurance Initiative promotes less vulnerable software with security built in from the start. "Creating a Software Assurance Body of Knowledge," by Samuel T. Redwine Jr. -- This article presents an initiative to assemble the knowledge to acquire, develop, and sustain secure software with functionality. "Designing for Disaster: Building Survivable Information Systems," by Ronda R. Henning -- Designing survivability measures into an information system from the start allows continued operations through failure scenarios. "Sixteen Standards-Based Practices for Safety and Security," by Dr. Linda Ibrahim -- The 16 practices presented in this article help establish a safety and security capability, identify and manage risks, and assure product safety and security throughout the life cycle. "The Information Technology Security Arms Race," by Dr. Steven Hofmeyr -- This author discusses how an intrusion prevention system can fill the need for new technology defenses to protect against new information attack technologies. "The MILS Architecture for a Secure Global Information Grid," by Dr. W. Scott Harrison, Dr. Nadine Hanebutte, Dr. Paul W. Oman, and Dr. Jim Alves-Foss -- With the Multiple Independent Levels of Security safety architecture, guards act to filter and enforce information flow, allowing large systems to have partitions small enough to verify. "Application Security: Protecting the Soft Chewy Center," by Alec Main -- Application security is rising up to protect from the inside out by implementing defensive techniques into top-level applications and data.

Document Details

Document Type

Technical Report

Publication Date

Oct 01, 2005

Accession Number

ADA487375

Entities

Tags