Secure software infrastructure in the internet age |
| |
Authors: | Email author" target="_blank">Etsuya?ShibayamaEmail author Akinori?Yonezawa |
| |
Affiliation: | (1) Tokyo Institute of Technology, 2-12-1 Ookayama, Meguro-ku, 152-8552 Tokyo, Japan;(2) The University of Tokyo, 7-3-1 Hongo, Bunkyo-ku, 113-0033 Tokyo, Japan |
| |
Abstract: | The rapid growth and penetration of the Internet are now leading us to a world where networks are ubiquitous and everything
is connected. Breaking the distance barrier by the ubiquitous connection, however, is a two-edged sword. Our network infrastructure
today is still fragile and thus “everything is connected” may simply mean “everything can be attacked from whatever place
on the earth.”
In this paper, we first point out the importance and inherent problems of software systems that underlay open and extensible
networks, especially the Internet. We put emphasis on software since software vulnerabilities account for most attacks, incidents,
or even disasters on the Internet today. Next we present general ideas of promising techniques in defense of software systems,
including theoretical, language-based, and runtime solutions. Finally, we show our experience in developing a secure mail
system.
Etsuya Shibayama, D.Sc.: He is a professor of the Graduate School of Information Science and Engineering at Tokyo Institute of Technology. He received
B.Sc. and M.Sc. in mathematical sciences from Kyoto University in 1981 and 1983, respectively, and D.Sc. in information science
from the University of Tokyo in 1991. He is interested in various topics in software including design and implementation of
textual and visual programming languages, system software, and user interface software. Recently, he has been doing research
on language-based software security and methodologies for building secure software.
Akinori Yonezawa, Ph.D.: He is a Professor of computer science at Department of Computer Science, the University of Tokyo. He received his Ph.D. in
Computer Science form the Massachusetts Institute of Technology in 1977. His current major research interests are in the areas
of concurrent/parallel computation models, programming languages, object-oriented computing and distributed computing. He
is the designer of and object-oriented concurrent language ABCL/1 and the editor of several books and served as an associate
editor of ACM Transaction of Programming Language and Systems (TOPLAS). Since 1998, he has been an ACM Fellow. |
| |
Keywords: | Internet Security Software Security Verification and Static Analysis Language-Based Security Runtime Monitoring |
本文献已被 SpringerLink 等数据库收录! |
|