Security breaches are often caused by software bugs, which may frequently be due to developers' memory lapses, lack of attention/focus, and knowledge gaps. Developers have to contend with heavy cognitive loads to deal with issues such as functional requirements, deadlines, security, and runtime performance. We propose to integrate secure programming support seamlessly into Integrated Development Environments (IDEs) in order to help developers cope with their heavy cognitive load and reduce security errors. As proof of concept, we developed a plugin for Eclipse's Java development environment. Developers will be alerted to potential secure programming concerns, such as input validation, data encoding, and access control, as well as encouraged to comply with secure coding standards.