Rules of Thumb for Developing Secure Software: Analyzing and Consolidating Two Proposed Sets of Rules
2012 Seventh International Conference on Availability, Reliability and Security (2008)
Mar. 4, 2008 to Mar. 7, 2008
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2008.142
This paper presents guidelines to develop secure applications in the form of "Do’s and Don’ts" applying mostly to the software design level, but also to the implementation level. It builds on two collections of similar rules published in two seminal books in the area of secure software development, criticizes and improves those earlier rules and extends them by several new ones. The paper does not cover how to apply such rules in general. The main direction of improvement is making the rules more constructive, less ambiguous, and removing aspects not related to security.
software design, security, design principles, design rules
Holger Peine, "Rules of Thumb for Developing Secure Software: Analyzing and Consolidating Two Proposed Sets of Rules", 2012 Seventh International Conference on Availability, Reliability and Security, vol. 00, no. , pp. 1204-1209, 2008, doi:10.1109/ARES.2008.142