中文
相关论文

相关论文: On Vulnerabilities, Constraints and Assumptions

200 篇论文

Empirical results in software engineering have long started to show that findings are unlikely to be applicable to all software systems, or any domain: results need to be evaluated in specified contexts, and limited to the type of systems…

软件工程 · 计算机科学 2023-11-21 Cezar Sas , Andrea Capiluppi

Security must be considered in almost every software system. Unfortunately, selecting and implementing security features remains challenging due to the variety of security threats and possible countermeasures. While security standards are…

Within the growing domain of software engineering in the automotive sector, the number of used tools, processes, methods and languages has increased distinctly in the past years. To be able to choose proper methods for particular…

软件工程 · 计算机科学 2016-01-15 Florian Bock , Daniel Homm , Sebastian Siegl , Reinhard German

The types of constraints encountered in black-box and simulation-based optimization problems differ significantly from those treated in nonlinear programming. We introduce a characterization of constraints to address this situation. We…

最优化与控制 · 数学 2015-06-01 Sébastien Le Digabel , Stefan M. Wild

Complexity is an inherent attribute of any project. The purpose of defining and documenting complexity is to have an early warning tool allowing a project team to focus on certain areas and aspects of the project in order to prevent and…

软件工程 · 计算机科学 2015-12-25 Alexei Botchkarev , Patrick Finnigan

The notion of Attack Surface refers to the critical points on the boundary of a software system which are accessible from outside or contain valuable content for attackers. The ability to identify attack surface components of software…

软件工程 · 计算机科学 2022-03-31 Sara Moshtari , Ahmet Okutan , Mehdi Mirakhorli

A probabilistic database with attribute-level uncertainty consists of relations where cells of some attributes may hold probability distributions rather than deterministic content. Such databases arise, implicitly or explicitly, in the…

数据库 · 计算机科学 2022-12-26 Amir Gilad , Aviram Imber , Benny Kimelfeld

Constraints such as separation-of-duty are widely used to specify requirements that supplement basic authorization policies. However, the existence of constraints (and authorization policies) may mean that a user is unable to fulfill…

密码学与安全 · 计算机科学 2016-12-20 Pierre Bergé , Jason Crampton , Gregory Gutin , Rémi Watrigant

software component misuse a privileged relationship with the hardware to by pass system protections, monitors, or forensic tools. These relationships are often not illegal and exist between system components by design. Hence, even a system…

密码学与安全 · 计算机科学 2018-09-06 Seyyedeh Atefeh Musavi , Mahmoud Reza Hashemi

The software build process transforms source code into deployable artifacts, representing a critical yet vulnerable stage in software development. Build infrastructure security poses unique challenges: the complexity of multi-component…

Understanding student difficulties in programming is a complex challenge due to the wide range of topics and the abundant varieties of misconceptions and errors. This paper presents the design and development of a fine-grained taxonomy that…

计算机与社会 · 计算机科学 2026-05-27 Dimitri Eckert , Christian Kautz

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

密码学与安全 · 计算机科学 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta

In organizations, employees work with information stored in files according to their duties and responsibilities. Windows uses resource-based access permissions that any permission for any user has to be set separately per resource. This…

密码学与安全 · 计算机科学 2023-06-14 Hakan Temiz , Ahmet Buyukeke

Web applications require access to the file-system for many different tasks. When analyzing the security of a web application, secu- rity analysts should thus consider the impact that file-system operations have on the security of the whole…

密码学与安全 · 计算机科学 2017-05-11 Federico De Meo , Luca Viganò

Cloud Computing is a new era of remote computing / Internet based computing where one can access their personal resources easily from any computer through Internet. Cloud delivers computing as a utility as it is available to the cloud…

分布式、并行与集群计算 · 计算机科学 2017-03-02 Swapnil M Parikh , Narendra M Patel , Harshadkumar B Prajapati

Accountability is an often called for property of technical systems. It is a requirement for algorithmic decision systems, autonomous cyber-physical systems, and for software systems in general. As a concept, accountability goes back to the…

软件工程 · 计算机科学 2021-04-30 Severin Kacianka , Alexander Pretschner

The importance of security metrics can hardly be overstated. Despite the attention that has been paid by the academia, government and industry in the past decades, this important problem stubbornly remains open. In this survey, we present a…

密码学与安全 · 计算机科学 2016-01-25 Marcus Pendleton , Richard Garcia-Lebron , Shouhuai Xu

Identity management refers to the technology and policies for the identification, authentication, and authorization of users in computer networks. Identity management is therefore fundamental to today's IT ecosystem. At the same time,…

密码学与安全 · 计算机科学 2023-01-03 Daniela Pöhn und Wolfgang Hommel

Embedded software is developed under the assumption that hardware execution is always correct. Fault attacks break and exploit that assumption. Through the careful introduction of targeted faults, an adversary modifies the control-flow or…

密码学与安全 · 计算机科学 2020-03-25 Bilgiday Yuce , Patrick Schaumont , Marc Witteman

Web attacks, i.e. attacks exclusively using the HTTP protocol, are rapidly becoming one of the fundamental threats for information systems connected to the Internet. When the attacks suffered by web servers through the years are analyzed,…

密码学与安全 · 计算机科学 2007-05-23 Gonzalo Alvarez , Slobodan Petrovic