Bis zu 50 % günstiger als neu
3 Jahre rebuy Garantie
Professionelles Refurbishment
Elektronik
Deals
Medien
Tipps & News
AppleAlle anzeigen
TabletsAlle anzeigen
HandyAlle anzeigen
Fairphone
AppleAlle anzeigen
iPhone Air Generation
GoogleAlle anzeigen
Pixel Fold
HonorAlle anzeigen
NothingAlle anzeigen
OnePlusAlle anzeigen
OnePlus 11 GenerationOnePlus 12 GenerationOnePlus 5 GenerationOnePlus 6 GenerationWeitere Modelle
SamsungAlle anzeigen
Galaxy XcoverWeitere Modelle
SonyAlle anzeigen
Weitere ModelleXperia LXperia MXperia X
XiaomiAlle anzeigen
Weitere Modelle
Tablets & eBook ReaderAlle anzeigen
Google
AppleAlle anzeigen
Zubehör
HuaweiAlle anzeigen
MatePad Pro Serie
XiaomiAlle anzeigen
Kameras & ZubehörAlle anzeigen
Kamera Bundles
ObjektiveAlle anzeigen
SamyangZEISS
System & SpiegelreflexAlle anzeigen
CanonAlle anzeigen
FujifilmAlle anzeigen
OlympusAlle anzeigen
PanasonicAlle anzeigen
SonyAlle anzeigen
WearablesAlle anzeigen
SmartwatchesAlle anzeigen
LGMotorolaSonyXiaomi
Konsolen & ZubehörAlle anzeigen
Lenovo Legion GoMSI Claw
NintendoAlle anzeigen
Nintendo Game Boy ClassicNintendo Switch Lite
PlayStationAlle anzeigen
XboxAlle anzeigen
Audio & HiFiAlle anzeigen
Zubehör
iPodAlle anzeigen
Zubehör

Handgeprüfte Gebrauchtware

Bis zu 50 % günstiger als neu

Der Umwelt zuliebe

Refactoring of security antipatterns in distributed Java components

Marc Schönefeld (Broschiert, Englisch)

Keine Bewertungen vorhanden
Optischer Zustand
Beschreibung
The importance of JAVA as a programming and execution environment has grown steadily over the past decade. Furthermore, the IT industry has adapted JAVA as a major building block for the creation of new middleware as well as a technology facilitating the migration of existing applications towards web-driven environments. Parallel in time, the role of security in distributed environments has gained attention, as a large amount of middleware applications has replaced enterprise-level mainframe systems. The protection of confidentiality, integrity and availability are therefore critical for the market success of a product. The vulnerability level of every product is determined by the weakest embedded component, and selling vulnerable products can cause enormous economic damage to software vendors. An important goal of this work is to create the awareness that the usage of a programming language, which is designed as being secure, is not sufficient to create secure and trustworthy distributed applications. Moreover, the incorporation of the threat model of the programming language improves the risk analysis by allowing a better definition of the attack surface of the application. The evolution of a programming language leads towards common patterns for solutions for recurring quality aspects. Suboptimal solutions, also known as ´antipatterns´, are typical causes for quality weaknesses such as security vulnerabilities. Moreover, the exposure to a specific environment is an important parameter for threat analysis, as code considered secure in a specific scenario can cause unexpected risks when switching the environment. Antipatterns are a well-established means on the abstractional level of system modeling to inform about the effects of incomplete solutions, which are also important in the later stages of the software development process. Especially on the implementation level, we see a deficit of helpful examples, that would give programmers a better and holistic understanding. In our basic assumption, we link the missing experience of programmers regarding the security properties of patterns within their code to the creation of software vulnerabilities. Traditional software development models focus on security properties only on the meta layer. To transfer these efficiently to the practical level, we provide a three-stage approach: First, we focus on typical security problems within JAVA applications, and develop a standardized catalogue of ´antipatterns´ with examples from standard software products. Detecting and avoiding these antipatterns positively influences software quality. We therefore focus, as second element of our methodology, on possible enhancements to common models for the software development process. These help to control and identify the occurrence of antipatterns during development activities, i. e. during the coding phase and during the phase of component assembly, integrating one´s own and third party code. Within the third part, and emphasizing the practical focus of this research, we implement prototypical tools for support of the software development phase. The practical findings of this research helped to enhance the security of the standard JAVA platforms and JEE frameworks. We verified the relevance of our methods and tools by applying these to standard software products leading to a measurable reduction of vulnerabilities and an information exchange with middleware vendors (Sun Microsystems, JBoss) targeting runtime security. Our goal is to enable software architects and software developers developing end-user applications to apply our findings with embedded standard components on their environments. From a high-level perspective, software architects profit from this work through the projection of the quality-of-service goals to protection details. This supports their task of deriving security requirements when selecting standard components. In order to give implementation-near practitioners a helpful starting point to benefit from our research we provide tools and case-studies to achieve security improvements within their own code base.
Dieses Produkt haben wir gerade leider nicht auf Lager.
ab 12,59 €
Derzeit nicht verfügbar
Derzeit nicht verfügbar

Handgeprüfte Gebrauchtware

Bis zu 50 % günstiger als neu

Der Umwelt zuliebe

Technische Daten


Erscheinungsdatum
30.06.2010
Sprache
Englisch
EAN
9783923507672
Herausgeber
University of Bamberg Press
Serien- oder Bandtitel
Schriften aus der Fakultät Wirtschaftsinformatik und Angewandte Informatik der Otto-Friedrich-Universität Bamberg
Sonderedition
Nein
Autor
Marc Schönefeld
Seitenanzahl
450
Einbandart
Broschiert
Bandzählung
5
Schlagwörter
Java , Online-Publikation, Computersicherheit
Thema-Inhalt
UMX - Programmier- und Skriptsprachen, allgemein
Höhe
210 mm
Breite
15 cm
-.-
Leider noch keine Bewertungen
Leider noch keine Bewertungen
Schreib die erste Bewertung für dieses Produkt!
Wenn du eine Bewertung für dieses Produkt schreibst, hilfst du allen Kund:innen, die noch überlegen, ob sie das Produkt kaufen wollen. Vielen Dank, dass du mitmachst!