| dc.contributor.advisor | Weitzner, Daniel J. | |
| dc.contributor.author | Blessing, Jenny | |
| dc.date.accessioned | 2022-01-14T14:44:05Z | |
| dc.date.available | 2022-01-14T14:44:05Z | |
| dc.date.issued | 2021-06 | |
| dc.date.submitted | 2021-06-11T14:54:00.533Z | |
| dc.identifier.uri | https://hdl.handle.net/1721.1/139005 | |
| dc.description.abstract | This thesis provides empirical metrics for different vectors for vulnerability introduction, with a particular focus on cryptographic software. Through quantitative analysis of source code and vulnerability metrics from a variety of cryptographic libraries, we arrive at a more precise notion of what types of modifications introduce a higher level of risk into a system. Empirical evidence of the causes of security risk will provide technically-grounded guidance in the ongoing policy debate over exceptional access, enabling the security community to more objectively evaluate proposed exceptional access systems. | |
| dc.publisher | Massachusetts Institute of Technology | |
| dc.rights | In Copyright - Educational Use Permitted | |
| dc.rights | Copyright MIT | |
| dc.rights.uri | http://rightsstatements.org/page/InC-EDU/1.0/ | |
| dc.title | Towards Empirical Evaluation of Software Security Risk | |
| dc.type | Thesis | |
| dc.description.degree | S.M. | |
| dc.description.degree | S.M. | |
| dc.contributor.department | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science | |
| dc.contributor.department | Massachusetts Institute of Technology. Institute for Data, Systems, and Society | |
| mit.thesis.degree | Master | |
| thesis.degree.name | Master of Science in Technology and Policy | |
| thesis.degree.name | Master of Science in Electrical Engineering and Computer Science | |
