A Contextual Guidance Approach to Software Security

With the ongoing trend towards the globalization of software systems and their development, components in these systems might not only work together, but may end up evolving independently from each other. Modern IDEs have started to incorporate support for these highly distributed environments by adding new collaborative features. As a result, assessing and controlling system quality (e.g. security concerns) during system evolution in these highly distributed systems becomes a major challenge. In this research, we introduce a unified ontological representation that integrates best security practices in a context-aware tool implementation. As part of our approach, we integrate information from traditional static source code analysis with semantically rich structural information in a unified ontological representation. We illustrate through several use cases how our approach can support the evolvability of software systems from a security quality perspective.
Added 20 May 2010
Updated 20 May 2010
Type Conference
Year 2009
Authors Philipp Schügerl, David Walsh, Juergen Rilling, Philippe Charland