Holographic Vulnerability Studies: Vulnerabilities as Fractures in Interpretation as Information Flows Across Abstraction Boundaries

Provided by: Association for Computing Machinery
Topic: Security
Format: PDF
The authors are always patching their systems against specific instances of whatever the latest new, hot, trendy vulnerability type is. First it was time-of-check-to-time-of-use, then buffer overflows, then SQL injection, then cross-site scripting. Vulnerability studies are supposed to accomplish two main goals: to classify vulnerabilities into general classes so that unknown vulnerabilities of that class can be discovered in a proactive way and to enable the users to understand the fundamental nature of vulnerabilities so that when they build new systems they know how to make them secure.

Find By Topic