2009 | OriginalPaper | Buchkapitel
Report: Measuring the Attack Surfaces of Enterprise Software
verfasst von : Pratyusa K. Manadhata, Yuecel Karabulut, Jeannette M. Wing
Erschienen in: Engineering Secure Software and Systems
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
Software vendors are increasingly concerned about mitigating the security risk of their software. Code quality improvement is a traditional approach to mitigate security risk; measuring and reducing the
attack surface
of software is a complementary approach. In this paper, we apply a method for measuring attack surfaces to enterprise software written in
Java
. We implement a tool as an Eclipse plugin to measure an SAP software system’s attack surface in an automated manner. We demonstrate the feasibility of our approach by measuring the attack surfaces of three versions of an SAP software system. We envision our measurement method and tool to be useful to software developers for improving software security and quality.