The belief that code secrecy can make a system more secure is commonly known as security by obscurity. Certainly, vendors have the right to use trade secret protection for their products in order to extend ownership beyond the terms afforded under copyright and patent law. But some software systems must satisfy critical requirements under intensive […]
Rebecca T. Mercuri
Quantification tools, if applied prudently, can assist in the anticipation, budgeting, and control of direct and indirect computer security costs.
It is incumbent upon us to examine our own auditing practices for their intrinsic vulnerabilities.
Computer Security: Quality Rather Than Quantity
The challenge of applying protection to systems, software, and networks with intrinsic vulnerabilities is a lofty, but ultimately realizable, one.
Inside Risks: System Integrity Revisited
Consider a computer product specification with data input, tabulation, reporting, and audit capabilities. The read error must not exceed one in a million, although the input device is allowed to reject any data it considers to be marginal. Although the system is intended for use in secure applications, only functional (black box) acceptance testing has […]