Scheduled System Maintenance on October 20th, 2014:
IEEE Xplore will be upgraded between 10:00 and 10:15 AM EDT. During this time there may be intermittent impact on performance. We apologize for any inconvenience.
By Topic

Considering defense in depth for software applications

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Stytz, M.R. ; Air Force Res. Lab., Wright-Patterson AFB, OH, USA

Despite efforts to develop processes and technologies that enhance software application security, to date, no one has found a "silver-bullet" solution or set of solutions that solve this complex problem - and there don't appear to be any on the horizon. As a result, perhaps researchers and developers should consider a defense-in-depth strategy and determine if it provides a more resilient and cost-effective approach to application security than a single line of defense. The best defense-in-depth strategy for software source and binary code would intertwine application defenses in such a manner that each defensive technique interlocks with and supports all the others. Of necessity, this conceptualization for interlocking defense Would not relieve the development team of the need to maintain best practices for secure software development and software development in general.

Published in:

Security & Privacy, IEEE  (Volume:2 ,  Issue: 1 )