Emerald Login
   

Welcome guest

Article Request:
Identifying security vulnerabilities through input flow tracing and analysis

Article Information:

Title:

Identifying security vulnerabilities through input flow tracing and analysis

Author(s):

Simeon Dimitriou Xenitellis

Journal:

Information Management & Computer Security

Year:

2003

Volume:

11

Issue:

4

Page:

195 - 199


ISSN:

0968-5227


DOI:

10.1108/09685220310489562

Publisher:

MCB UP Ltd

Document Access:

Existing customers:

Please login above.

Purchase this document:
Price payable: GBP £13.00
plus handling charge of GBP £1.50 and VAT where applicable.
Purchase

Request this document:
Print or e-mail a document request to your librarian.
Request

Reprints & permissions:
Image: Rightslink Request

Abstract:

A software system can be considered as a collection of data and procedures that are separated from the environment and interact with it through channels of communication. If we assume that the system does not contain any Trojan horse code, then the only way it can be attacked is during the processing of input through interactions with the environment. While most methodologies attempt to identify security vulnerabilities in the local context, proposes the use of complete input tracing that examines the source code and identifies all possible inputs from malicious sources, traces the input flow from the source until termination of use and compares the flow segments for known security vulnerability constructs. Discusses input flow tracing and its benefits such as the provision of metrics for security assurance, complete vulnerability assessment and the ability to examine combinations of vulnerabilities.

Keywords:

Computer viruses, Flow measurement, Input/output analysis, Reliability management, Security products, Software tools


Article Type:

Technical paper


Article URL:

http://www.emeraldinsight.com/10.1108/09685220310489562

Top