By Topic

Resilient Security Architecture: A Complementary Approach to Reducing Vulnerabilities

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
John Diamant ; Hewlett-Packard

The software industry would benefit from more emphasis on avoiding security mistakes in the first place. That means security requirements analysis and architecting and designing security in, an approach that's currently rare but that provides substantial benefits. The most common approaches to the latent (generally called 0-day) vulnerability problem fall into one of two categories: Do nothing. Wait for vulnerabilities to be discovered after release, and then patch them. Test security in. Implement code with vulnerabilities, and invest in finding or removing as many vulnerabilities as practical before release or production.

Published in:

IEEE Security & Privacy  (Volume:9 ,  Issue: 4 )