MIT Libraries homeMIT Libraries logoDSpace@MIT

MIT
View Item 
  • DSpace@MIT Home
  • MIT Libraries
  • MIT Theses
  • Theses - Systems Design and Management
  • Systems Design and Management - Master's degree
  • View Item
  • DSpace@MIT Home
  • MIT Libraries
  • MIT Theses
  • Theses - Systems Design and Management
  • Systems Design and Management - Master's degree
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

Designing security into software

Author(s)
Zhang, Chang Tony
Thumbnail
DownloadFull printable version (5.756Mb)
Other Contributors
System Design and Management Program.
Advisor
Michael A. Cusumano.
Terms of use
M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. http://dspace.mit.edu/handle/1721.1/7582
Metadata
Show full item record
Abstract
When people talk about software security, they usually refer to security applications such as antivirus software, firewalls and intrusion detection systems. There is little emphasis on the security in the software itself. Therefore the thesis sets out to investigate if we can develop secure software in the first place. It first starts with a survey of the software security field, including the definition of software security, its current state and the research having been carried out in this aspect. Then the development processes of two products known for their security: Microsoft IIS 6.0 and Apache HTTP Web Server are examined. Although their approaches to tackle security are seemingly quite different, the analysis and comparisons identify they share a common framework to address the software security problem - designing security early into the software development lifecycle. In the end the thesis gives recommendations as to how to design security into software development process based upon the principles from the research and the actual practices from the two cases. Finally it describes other remaining open issues in this field.
Description
Thesis (S.M.)--Massachusetts Institute of Technology, System Design and Management Program, 2006.
 
Includes bibliographical references (p. 88-92).
 
Date issued
2006
URI
http://hdl.handle.net/1721.1/35098
Department
System Design and Management Program.
Publisher
Massachusetts Institute of Technology
Keywords
System Design and Management Program.

Collections
  • Systems Design and Management - Master's degree
  • Systems Design and Management - Master's degree

Browse

All of DSpaceCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsThis CollectionBy Issue DateAuthorsTitlesSubjects

My Account

Login

Statistics

OA StatisticsStatistics by CountryStatistics by Department
MIT Libraries homeMIT Libraries logo

Find us on

Twitter Facebook Instagram YouTube RSS

MIT Libraries navigation

SearchHours & locationsBorrow & requestResearch supportAbout us
PrivacyPermissionsAccessibility
MIT
Massachusetts Institute of Technology
Content created by the MIT Libraries, CC BY-NC unless otherwise noted. Notify us about copyright concerns.