Secure Coding mailing list archives
Inherently Secure Code?
From: neumann at csl.sri.com (Peter G. Neumann)
Date: Wed, 26 Aug 2009 6:48:55 PDT
I don't much like INHERENTLY SECURE CODE. Software components by themselves are not secure. Security (and trustworthiness that encompasses security, reliability, survivability, etc.) is an emergent property of the entire system or enterprise. To say that a component is secure is rather fatuous. See my DARPA report on composable trustworthy architectures for starters. http://www.csl.sri.com/neumann/chats4.pdf or .html
Current thread:
- Inherently Secure Code? Peter G. Neumann (Aug 26)
- Inherently Secure Code? Benjamin Tomhave (Aug 27)
- Inherently Secure Code? ljknews (Aug 27)
- Inherently Secure Code? Benjamin Tomhave (Aug 27)