Security Properties of Software Components

Khan, Khaled; Han, Jun; Zheng, Yuliang

doi:10.1007/3-540-47790-X_6

Khaled Khan³,
Jun Han³ &
Yuliang Zheng³

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1729))

Included in the following conference series:

International Workshop on Information Security

371 Accesses
2 Citations

Abstract

This paper classifies security properties of software components into two broad categories: (1) non-functional security (NFS) properties, and (2) properties as security function (SF). Non-functional security properties are codified and embedded with the component functionality, whereas, properties as security functions are employed as external protection to the component. In most cases, users may add additional external protection to the binary form of the component. This classification could be used to determine how much the overall security of the component is dependent on the non-functional security properties of the component and to what extent the additional external protections are required in order to use the component in their specific application environment.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

ISO-15408. Common Criteria for information technology security evaluation version 2.0. Standard, ISO/IEC 15408 NIST, USA, June 1999. http://csrc.nist.gov/cc/.
U. Linquist and E. Jonsson. A map of security risks associated with using COTS. IEEE Computer, pages 60–66, June 1998.
Google Scholar
G. McGraw. Software assurance for security. IEEE Computer, pages 103–105, April 1999.
Google Scholar
A. Rubin and D. Geer. A survey of Web security. IEEE Computer, pages 34–41, September 1998.
Google Scholar
C. Szyperski. Component Software-Beyond Object-Oriented Programming. Addison-Wesley, 1998.
Google Scholar
N. Talbert. The cost of COTS. IEEE Computer, pages 46–52, June 1998.
Google Scholar
C. Thomson, editor. Workshop Reports. 1998 Workshop on Compositional Software Architectures, Monterey, USA, January 1998. http://www.objs.com/workshops/ws9801/report.html.
J. Voas. Certifying off-the-shelf software components. IEEE Computer, pages 53–59, June 1998.
Google Scholar
J. Voas. The challenges of using COTS software in component-based development. IEEE Computer, pages 44–45, June 1998.
Google Scholar

Download references

Author information

Authors and Affiliations

Peninsula School of Computing and Information Technology, Monash University, McMahons Road, Frankston, VIC, 3199, Australia
Khaled Khan, Jun Han & Yuliang Zheng

Authors

Khaled Khan
View author publications
You can also search for this author in PubMed Google Scholar
Jun Han
View author publications
You can also search for this author in PubMed Google Scholar
Yuliang Zheng
View author publications
You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Khan, K., Han, J., Zheng, Y. (1999). Security Properties of Software Components. In: Information Security. ISW 1999. Lecture Notes in Computer Science, vol 1729. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47790-X_6

Download citation

DOI: https://doi.org/10.1007/3-540-47790-X_6
Published: 22 October 1999
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66695-0
Online ISBN: 978-3-540-47790-7
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics