It Is Not Too Late for Software Assurance!

Abstract

Software Assurance is the practice of designing secure software that can safely and reliably operate in a hostile environment and resist attacks when all other network defenses have failed. Real-time IA focuses on mitigating attacks while within that hostile environment but can be greatly aided by Software Assurance practices regardless of where an application is in its lifecycle. In 2012 Yahoo suffered from an attack on an application initially developed by another company and had Yahoo executed Software Assurance techniques on the mature application, they could have prevented a compromise that resulted in the release of more than 400,000 user names and passwords.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Dec 01, 2013
Accession Number
ADA597548

Entities

People

  • Arthur J. Boote
  • James Woodworth
  • Robert A. Voitle Jr.

Organizations

  • Ogden Air Logistics Complex

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Air Force
  • Application Software
  • Code Injection
  • Computer Programming
  • Computer Programs
  • Cyberattacks
  • Department Of Defense
  • Electronic Mail
  • Engineering
  • Environment
  • Identification Systems
  • Information Assurance
  • Security
  • Software Assurance
  • Software Development
  • Systems Engineering
  • Training

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Software Engineering.