Secure Software Development through Coding Conventions and Frameworks

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Takao Okubo Articles by Hidehiko Tanaka

The Second International Conference on Availability, Reliability and Security (ARES'07)

Vienna, Austria

April 10-April 13

ISBN: 0-7695-2775-2

	ASCII Text	x
	Takao Okubo, Hidehiko Tanaka, "Secure Software Development through Coding Conventions and Frameworks," Availability, Reliability and Security, International Conference on, pp. 1042-1051, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007.

	BibTex	x
	@article{ 10.1109/ARES.2007.131, author = {Takao Okubo and Hidehiko Tanaka}, title = {Secure Software Development through Coding Conventions and Frameworks}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2007}, isbn = {0-7695-2775-2}, pages = {1042-1051}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2007.131}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - Secure Software Development through Coding Conventions and Frameworks SN - 0-7695-2775-2 SP1042 EP1051 A1 - Takao Okubo, A1 - Hidehiko Tanaka, PY - 2007 KW - null VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

Takao Okubo, Fujitsu Laboratories ltd., Institute of Information Security

Hidehiko Tanaka, Fujitsu Laboratories ltd., Institute of Information Security

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2007.131

It is difficult to apply existing software development methods to security concerns. Using software for security testing purposes, in particular, is hard to do. The fact that there is a restriction on the implementation of software affects the ease with which security can be tested. In this paper we propose a decision process of coding conventions for security, mindful of testing security. Then, we apply our method to preventing injection attacks on Web application programs, and establish some coding conventions that can be used against injection attacks and cross site scripting. We also discuss security frameworks, which are also useful as conventions.

Citation:

Takao Okubo, Hidehiko Tanaka, "Secure Software Development through Coding Conventions and Frameworks," ares, pp.1042-1051, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.