Issue No. 06 - November/December (2005 vol. 3)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2005.159
Katrina Tsipenyuk , Fortify Software
Brian Chess , Fortify Software
Gary McGraw , Cigital
Taxonomies can help software developers and security practitioners understand the common coding mistakes that affect security. The goal is to help developers avoid making these mistakes and more readily identify security problems whenever possible. Because developers today are by and large unaware of the security problems they can (unknowingly) introduce into code, a taxonomy of coding errors should provide a real tangible benefit to the software security community.
kingdom, phyla, taxonomy, errors
G. McGraw, B. Chess and K. Tsipenyuk, "Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors," in IEEE Security & Privacy, vol. 3, no. , pp. 81-84, 2005.