Academic paper

Information Exposure (IEX): A New Class in the Bugs Framework (BF)
Document Type
Conference
Source
2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). 1:559-564 Jul, 2019
Subject
Computing and Processing
General Topics for Engineers
Software
Cryptography
Computer bugs
Password
Taxonomy
Business
sensitive information, information exposure, information leakage, software weaknesses, bug taxonomy, attacks
Language
Abstract
Exposure of sensitive information can be harmful on its own. In addition, it could enable further attacks. A rigorous and unambiguous definition of information exposure faults can help researchers and practitioners identify them, thus avoiding security failures. This paper describes Information Exposure (IEX), a new class in the Bugs Framework (BF). The IEX class comprises a rigorous definition and (static) attributes of the class, along with their related dynamic properties, such as proximate and secondary causes, consequences and sites. We use the IEX class to analyze specific vulnerabilities and provide clear descriptions. We also discuss lessons we learned that will help create additional BF classes.