ALBERT — All Library Books, journals and Electronic Records Telegrafenberg

1

Unknown

Reducing software security risk through an integrated approach (2001)

Kelly, J. C. ; Gilliam, D. P. ; Bishop, M. ; [et al.]

In: Other Sources

add to mindlist on the mindlist

Details

Publication Date: 2018-06-11

Keywords: Computer Programming and Software

Type: Software Engineering Workshop; Greenbelt, MD; United States

Format: text

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

NASA TECHNICAL REPORTS

S·F·X

2

Unknown

Reducing software security risk through an integrated approach (2001)

Gilliam, D. ; Bishop, M. ; Kelly, J. ; [et al.]

In: Other Sources

add to mindlist on the mindlist

Details

Publication Date: 2018-06-11

Description: The fourth quarter delivery, FY'01 for this RTOP is a Property-Based Testing (PBT), 'Tester's Assistant' (TA). The TA tool is to be used to check compiled and pre-compiled code for potential security weaknesses that could be exploited by hackers. The TA Instrumenter, implemented mostly in C++ (with a small part in Java), parsels two types of files: Java and TASPEC. Security properties to be checked are written in TASPEC. The Instrumenter is used in conjunction with the Tester's Assistant Specification (TASpec)execution monitor to verify the security properties of a given program.

Keywords: Computer Programming and Software

Format: text

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

NASA TECHNICAL REPORTS

S·F·X

3

Unknown

Analyzing the security of an existing computer system (1986)

Bishop, M.

In: CASI

add to mindlist on the mindlist

Details

Publication Date: 2019-06-28

Description: Most work concerning secure computer systems has dealt with the design, verification, and implementation of provably secure computer systems, or has explored ways of making existing computer systems more secure. The problem of locating security holes in existing systems has received considerably less attention; methods generally rely on thought experiments as a critical step in the procedure. The difficulty is that such experiments require that a large amount of information be available in a format that makes correlating the details of various programs straightforward. This paper describes a method of providing such a basis for the thought experiment by writing a special manual for parts of the operating system, system programs, and library subroutines.

Keywords: COMPUTER OPERATIONS AND HARDWARE

Type: NASA-TM-89205 , RIACS-TR-86.13 , NAS 1.15:89205

Format: application/pdf

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

NASA TECHNICAL REPORTS

S·F·X

Overview

4

Unknown

Access control and privacy in large distributed systems (1986)

Bishop, M. ; Leiner, B. M.

In: Other Sources

add to mindlist on the mindlist

Details

Publication Date: 2019-06-28

Description: Large scale distributed systems consists of workstations, mainframe computers, supercomputers and other types of servers, all connected by a computer network. These systems are being used in a variety of applications including the support of collaborative scientific research. In such an environment, issues of access control and privacy arise. Access control is required for several reasons, including the protection of sensitive resources and cost control. Privacy is also required for similar reasons, including the protection of a researcher's proprietary results. A possible architecture for integrating available computer and communications security technologies into a system that meet these requirements is described. This architecture is meant as a starting point for discussion, rather that the final answer.

Keywords: COMPUTER SYSTEMS

Type: AIAA PAPER 86-2781

Format: text

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

NASA TECHNICAL REPORTS

S·F·X

5

Unknown

Access control and privacy in large distributed systems (1986)

Bishop, M. ; Leiner, B. M.

In: CASI

add to mindlist on the mindlist

Details

Publication Date: 2019-06-28

Description: Large scale distributed systems consists of workstations, mainframe computers, supercomputers and other types of servers, all connected by a computer network. These systems are being used in a variety of applications including the support of collaborative scientific research. In such an environment, issues of access control and privacy arise. Access control is required for several reasons, including the protection of sensitive resources and cost control. Privacy is also required for similar reasons, including the protection of a researcher's proprietary results. A possible architecture for integrating available computer and communications security technologies into a system that meet these requirements is described. This architecture is meant as a starting point for discussion, rather that the final answer.

Keywords: COMPUTER SYSTEMS

Type: NASA-TM-89397 , RIACS-TR-86.6 , NAS 1.15:89397

Format: application/pdf

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

NASA TECHNICAL REPORTS

S·F·X

Overview

6

Unknown

Reducing Software Security Risk Through an Integrated Approach (2000)

Kelly, J. ; Bishop, M. ; Gilliam, D.

In: Other Sources

add to mindlist on the mindlist

Details

Publication Date: 2018-06-08

Description: This paper discusses new joint work by the California Institute of Technology's Jet Propulsion Laboratory and the University of California at Davis sponsored by the National Aeronautics and Space Administration to develop a security assessment instrument for the software development and maintenance life cycle.

Keywords: Computer Programming and Software

Type: Reducing Software Security Risk Through an Integrated Approach; Morgantown, WV; United States

Format: text

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

NASA TECHNICAL REPORTS

S·F·X

7

Unknown

Reducing software security risk through an integrated approach (2002)

Powell, J. ; Bishop, M. ; Wolfe, T. ; [et al.]

In: Other Sources

add to mindlist on the mindlist

Details

Publication Date: 2018-06-08

Keywords: Computer Programming and Software

Type: NASA IV&amp;V Software Assurance Symposium; WV; United States

Format: text

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

NASA TECHNICAL REPORTS

S·F·X

8

Unknown

Reducing software security risk through an integrated approach (2001)

Kelly, J. ; Gilliam, D. P. ; Powell, J. D. ; [et al.]

In: Other Sources

add to mindlist on the mindlist

Details

Publication Date: 2018-06-08

Description: This paper presents research on the generation of a software security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles.

Keywords: Computer Programming and Software

Type: 26th Annual Software Engineering Workshop; Greenbelt, MD; United States

Format: text

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

NASA TECHNICAL REPORTS

S·F·X

9

Unknown

Development of a software security assessment instrument to reduce software security risk (2001)

Gilliam, D. P. ; Powell, J. D. ; Kelly, J. C. ; [et al.]

In: Other Sources

add to mindlist on the mindlist

Details

Publication Date: 2018-06-08

Description: This paper discusses development of a security assessment instrument for the software development and maintenance life cycle. The assessment instrument is a collection of tools and procedures to support development of secure software.

Keywords: Computer Programming and Software

Type: IEEE WETICE 2001 6th International Workshop on Enterprise Security; Cambridge, MA; United States

Format: text

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

NASA TECHNICAL REPORTS

S·F·X

10

Unknown

Development of a software security assessment instrument to reduce software security risk (2001)

Powell, J. D. ; Kelly, J. C. ; Bishop, M. ; [et al.]

In: Other Sources

add to mindlist on the mindlist

Details

Publication Date: 2018-06-08

Description: This paper discusses the development of a security assessment instrument for the software development and maintenance life cycle.

Keywords: Computer Programming and Software

Type: IEEE WETICE 2001 6th International Workshop on Enterprise Security; Cambridge, MA; United States

Format: text

Permalink

	Location	Call Number	Expected	Availability

Others were also interested in ...

NASA TECHNICAL REPORTS

S·F·X