Actions for How to write application code even a security auditor could love [electronic resource].

Email RIS file
Bookmark
Report an Issue

How to write application code even a security auditor could love [electronic resource].

Published
Los Alamos, N.M. : Los Alamos National Laboratory, 1989.
Oak Ridge, Tenn. : Distributed by the Office of Scientific and Technical Information, U.S. Dept. of Energy.
Physical Description
Pages: 5 : digital, PDF file
Additional Creators
Los Alamos National Laboratory and United States. Department of Energy. Office of Scientific and Technical Information
Access Online

Availability

I Want It
I Want It

Finding items...

Restrictions on Access
Free-to-read Unrestricted online access
Summary
In the past the application programmer was frequently isolated from the computer security professional. The target machine might have various access controls and security plans, but when the programmer delivered a new application, it was rarely scrutinized from a security standpoint. Security reviews of application code are now being used to overcome this apparent oversight, but these reviews are often hampered by a lack of knowledge among programmers of techniques that make code secure and facilitate security analysis of the code. This paper informally describes fifteen general principles for producing good code that is easily reviewed. This paper is not a formal guideline, but is intended as an inside view of how one reviewer looks at code from a security standpoint.
Report Numbers
E 1.99:la-ur-89-861
E 1.99: conf-890590-5
conf-890590-5
la-ur-89-861
Subject(s)
Other Subject(s)
Note
Published through SciTech Connect.
01/01/1989.
"la-ur-89-861"
" conf-890590-5"
"DE89009390"
DOE computer security conference, Amarillo, TX, USA, 2 May 1989.
Barlich, G.L.
Funding Information
W-7405-ENG-36
View MARC record | catkey: 14356831