Abstract
This paper classifies security properties of software components into two broad categories: (1) non-functional security (NFS) properties, and (2) properties as security function (SF). Non-functional security properties are codified and embedded with the component functionality, whereas, properties as security functions are employed as external protection to the component. In most cases, users may add additional external protection to the binary form of the component. This classification could be used to determine how much the overall security of the component is dependent on the non-functional security properties of the component and to what extent the additional external protections are required in order to use the component in their specific application environment.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
ISO-15408. Common Criteria for information technology security evaluation version 2.0. Standard, ISO/IEC 15408 NIST, USA, June 1999. http://csrc.nist.gov/cc/.
U. Linquist and E. Jonsson. A map of security risks associated with using COTS. IEEE Computer, pages 60–66, June 1998.
G. McGraw. Software assurance for security. IEEE Computer, pages 103–105, April 1999.
A. Rubin and D. Geer. A survey of Web security. IEEE Computer, pages 34–41, September 1998.
C. Szyperski. Component Software-Beyond Object-Oriented Programming. Addison-Wesley, 1998.
N. Talbert. The cost of COTS. IEEE Computer, pages 46–52, June 1998.
C. Thomson, editor. Workshop Reports. 1998 Workshop on Compositional Software Architectures, Monterey, USA, January 1998. http://www.objs.com/workshops/ws9801/report.html.
J. Voas. Certifying off-the-shelf software components. IEEE Computer, pages 53–59, June 1998.
J. Voas. The challenges of using COTS software in component-based development. IEEE Computer, pages 44–45, June 1998.
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Khan, K., Han, J., Zheng, Y. (1999). Security Properties of Software Components. In: Information Security. ISW 1999. Lecture Notes in Computer Science, vol 1729. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47790-X_6
Download citation
DOI: https://doi.org/10.1007/3-540-47790-X_6
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66695-0
Online ISBN: 978-3-540-47790-7
eBook Packages: Springer Book Archive