Program Design and Security

Voorhees, David P.

doi:10.1007/978-3-030-28501-2_8

David P. Voorhees⁴

Part of the book series: Texts in Computer Science ((TCS))

1939 Accesses

Abstract

A fifth program design criteria—information security—is described from a programming perspective. Information security concepts introduced in this chapter include data input validation, data output validation, exception handling, fail-safe defaults, and type-safe languages.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Hardcover Book: USD 84.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

1.
The output shown for the C++ NotSafe program results from compiling and linking this C++ example using GNU C++ (GCC) version 4.8.1 and then executing on Windows 10 Home Edition version 1607 OS Build 14939.1198. The behavior of this C++ program may differ when using a different C++ compiler or operating system.
2.
The runtime stack is used to store information related to each function/method call. Each parameter value passed via the call and any local variables defined within the function/method are stored on the runtime stack. In addition, the return address of where the function/method call should return to is also stored on the runtime stack.

References

Wiktionary.org: Security (2019) Wiktionary the free dictionary. Wikimedia Foundation. https://en.wiktionary.org/wiki/security. Accessed 10 Feb 2019
Wikipedia.org: Morris worm (2015) Wikepedia the free encyclopedia. Wikimedia Foundation. https://en.wikipedia.org/wiki/Morris_worm. Accessed 29 July 2015
The joint task force on computing curricula: computer science curricula (2013) Curriculum guidelines for undergraduate degree programs in computer science. ACM and IEEE
Google Scholar
National institute of standards and technology: computer security resource center glossary (2019) NIST. https://csrc.nist.gov/glossary. Accessed 10 Feb 2019
National institute of standards and technology: cybersecurity framework (2019) NIST. https://www.nist.gov/cyberframework. Accessed 09 March 2019
Alicherry M, Keromytis AD, Stavrou A (2009) Deny-by-default distributed security policy enforcement in mobile ad hoc networks. http://www.cs.columbia.edu/~angelos/Papers/2009/manet-securecomm.pdf. Accessed 24 June 2014
Hoglund G, McGraw G (2004) Exploiting software: how to break code. Addison Wesley, Boston
Google Scholar
Tripwire: Tripwire uncovers smart home hub zero-day vulnerabilities. Tripwire Press Release (2015). https://www.tripwire.com/company/press-releases/2015/08/tripwire-uncovers-significant-security-flaws-in-popular-smart-home-automation-hub/. Accessed 10 August 2015

Download references

Author information

Authors and Affiliations

Le Moyne College, Syracuse, NY, USA
David P. Voorhees

Authors

David P. Voorhees
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to David P. Voorhees .

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Voorhees, D.P. (2020). Program Design and Security. In: Guide to Efficient Software Design. Texts in Computer Science. Springer, Cham. https://doi.org/10.1007/978-3-030-28501-2_8

Download citation

DOI: https://doi.org/10.1007/978-3-030-28501-2_8
Published: 02 January 2020
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-28500-5
Online ISBN: 978-3-030-28501-2
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics