Writing Secure Code
Assessing Vulnerability of Proposed Designs for Interdependent Infrastructure Systems
HICSS '04 Proceedings of the Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS'04) - Track 2 - Volume 2
Security as a safety issue in rail communications
SCS '03 Proceedings of the 8th Australian workshop on Safety critical systems and software - Volume 33
Hi-index | 0.00 |
Security is an increasing concern for application developers, whether they are targeting internal customers, organizations or the general public. Particularly for the US public sector with requirements like FIPS 140, developers need to identify and remove superseded cryptography in both legacy applications and new development. This paper outlines a mechanism using static analysis tools to find outdated or improper cryptography and suggest corrections or correct code. This prevents the need for manual inspection and correction by developers familiar with cryptography and is more accurate than text searches.