Towards Secure Scripting Development


Bibliographic Details
Main authors: Ferrer, Facundo; More, Andres
Format: Conference object
Language: English
Published: 2011
Online access: http://sedici.unlp.edu.ar/handle/10915/141863
https://40jaiio.sadio.org.ar/sites/default/files/T2011/WSegI/972.pdf
Description
Summary: This work reflects two separate efforts towards implementing security awareness in projects being developed using scripting languages. The same development process was used in both projects, which included a specific focus on security. Besides summarizing lessons learned, this work recommends automatic tools for static code analysis to ensure that usual pitfalls are avoided from the very beginning. This work contributes an overview of specific insights on Perl and Python security, together with a list of publicly available support tools, and how they are best applied and integrated into the development process. The proposed development framework is based on a supporting infrastructure which minimizes effort on peer reviews and allows early identification of security issues, making their resolution easier and cheaper.