Abstract
A fifth program design criterion, information security, is described from a programming perspective. Information security concepts introduced in this chapter include data input validation, data output validation, exception handling, fail-safe defaults, and type-safe languages.
Notes
1. The output shown for the C++ NotSafe program results from compiling and linking this C++ example using GNU C++ (GCC) version 4.8.1 and then executing on Windows 10 Home Edition version 1607 OS Build 14939.1198. The behavior of this C++ program may differ when using a different C++ compiler or operating system.
2. The runtime stack is used to store information related to each function/method call. Each parameter value passed via the call and any local variables defined within the function/method are stored on the runtime stack. In addition, the return address, which is where execution resumes when the function/method call returns, is also stored on the runtime stack.
© 2020 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Voorhees, D.P. (2020). Program Design and Security. In: Guide to Efficient Software Design. Texts in Computer Science. Springer, Cham. https://doi.org/10.1007/978-3-030-28501-2_8
DOI: https://doi.org/10.1007/978-3-030-28501-2_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-28500-5
Online ISBN: 978-3-030-28501-2
eBook Packages: Computer Science, Computer Science (R0)