Impact of inheritance on vulnerability propagation at design phase

Authors:
A. Agrawal;R. A. Khan
Affiliations:
DIT, Babashaeb Bhimrao Ambedkar University, Lucknow, India;DIT, Babashaeb Bhimrao Ambedkar University, Lucknow, India
Venue:
ACM SIGSOFT Software Engineering Notes
Year:
2009

Citing 16
Cited 2

A Hierarchical Model for Object-Oriented Design Quality Assessment

IEEE Transactions on Software Engineering
ITS4: A static vulnerability scanner for C and C++ code

ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
From the Ground Up: The DIMACS Software Security Workshop

IEEE Security and Privacy
MOPS: an Infrastructure for Examining Security Properties of Software

MOPS: an Infrastructure for Examining Security Properties of Software
Characterizing the 'Security Vulnerability Likelihood' of Software Functions

ICSM '03 Proceedings of the International Conference on Software Maintenance
Methods for the prevention, detection and removal of software security vulnerabilities

ACM-SE 42 Proceedings of the 42nd annual Southeast regional conference
Demystifying the Threat-Modeling Process

IEEE Security and Privacy
Modeling the Vulnerability Discovery Process

ISSRE '05 Proceedings of the 16th IEEE International Symposium on Software Reliability Engineering
Towards a measuring framework for security properties of software

Proceedings of the 2nd ACM workshop on Quality of protection
Threading secure coding principles and risk analysis into the undergraduate computer science and information systems curriculum

InfoSecCD '06 Proceedings of the 3rd annual conference on Information security curriculum development
A Metrics Framework to Drive Application Security Improvement

IEEE Security and Privacy
Detection and correction of design defects in object-oriented designs

Companion to the 22nd ACM SIGPLAN conference on Object-oriented programming systems and applications companion
Improving vulnerability discovery models

Proceedings of the 2007 ACM workshop on Quality of protection
Software Security; A Vulnerability Activity Revisit

ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Software Security

IEEE Security and Privacy
Security vulnerabilities in software systems: a quantitative perspective

DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security

OO Vulnerability: Measuring the vulnerability of an object-oriented design

Network Security
SSL VPNs: SSL VPN and return on investment: A possible combination

Network Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

The design phase of software development provides the foundation for secure software. Reducing vulnerability at this phase minimizes rework in subsequent development phases. Currently, no efficient measure or method is available to reduce this vulnerability. In or-der to address this problem, we have proposed an algorithm to measure vulnerability propagation for an object-oriented design that calculates the Attribute Vulnerability Ratio (AVR).