We have four different subjects in this chapter: operating system security, security evaluation, secure software development and software vulnerabilities. Each of these is a very wide topic that deserves its own chapter. Consequently, this chapter reads like a potpourri that tries to provide summarized information on all of them. Among these four topics, though, the first two are closely related to each other, as are the last two.
Security evaluation studies tell us about the classification of operating system security; however, in a case study we have discussed their limitations and how they might lead to wrong conclusions. Integrating security into the software development methodology is by far the most promising solution for avoiding software vulnerabilities. We have seen only one type of software vulnerability here. Malicious software can potentially benefit from others, such as race conditions, misuse of random number generation and format string problems.