Considering defense in depth, for software applications

被引：27

作者：

Stytz, MR ^{[1
]}

机构：

[1] USAF, Res Lab, Wright Patterson AFB, OH 45433 USA

来源：

IEEE SECURITY & PRIVACY | 2004年 / 2卷 / 01期

关键词：

D O I：

10.1109/MSECP.2004.1264860

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The advantages of applying a defense-in-depth strategy for software application security are discussed. By using a defense-in-depth paradigm, attackers defeat all defenses to access protected items. With defense properly arrayed, attackers cannot gain insight into inner defensives while attacking outer ones and, a degree of mutual support but not interdependence exists among defensive layers. As defense-in-depth approach seems appropriate for application protection, it appears that the best defense-in-depth strategy for software source and binary code would undertwine application defenses in such a manner that each defensive technology interlocks with and supports all the others.

引用

页码：72 / 75

页数：4

共 50 条

[21] Depth Enhancement Considering Just Noticeable Difference in Depth
Jung, Seung-Won
Ko, Sung-Jea
IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES, 2012, E95A (03) : 673 - 675
[22] Biomaterials: Considering Breadth and Depth
Neuman, Michael R.
IEEE PULSE, 2013, 4 (04) : 6 - +
[23] Defense-in-depth and new reactors
Bonaca, M
WORKSHOP ON ADVANCED NUCLEAR REACTOR SAFETY ISSUES AND RESEARCH NEEDS, 2002, : 39 - 41
[24] BREASTFEEDING AND IMMUNITY - ADAPTABLE DEFENSE IN DEPTH
JELLIFFE, DB
JELLIFFE, EFP
JOURNAL OF TROPICAL PEDIATRICS, 1985, 31 (02) : 66 - 67
[25] Give aviation security defense in depth
不详
AVIATION WEEK & SPACE TECHNOLOGY, 2001, 155 (14): : 78 - 78
[26] Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth
Pottebaumt, Jens
Rosser, Jost
Somorovsky, Juraj
Acar, Yasemin
Fahrt, Rene
Cabarcos, Patricia Arias
Boddent, Eric
Graeaaler, Iris
2023 IEEE EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY WORKSHOPS, EUROS&PW, 2023, : 379 - 385
[27] Give aviation security defense in depth
Anon
Aviation Week and Space Technology (New York), 2001, 155 (14):
[28] Beyond Perimeter Defense: Defense-in-Depth Leveraging Upstream Security
McMahon, Dave
BEST PRACTICES IN COMPUTER NETWORK DEFENSE: INCIDENT DETECTION AND RESPONSE, 2014, 35 : 43 - 53
[29] Knowledge-based software design for Defense-in-Depth risk monitor system and application for AP1000
Ma, Zhanguo
Yoshikawa, Hidekazu
Nakagawa, Takashi
Yang, Ming
JOURNAL OF NUCLEAR SCIENCE AND TECHNOLOGY, 2017, 54 (05) : 552 - 568
[30] Defense Applications of MEMS
William C. Tang
Abraham P. Lee
MRS Bulletin, 2001, 26 : 318 - 319

← 1 2 3 4 5 →