Please use this identifier to cite or link to this item: http://hdl.handle.net/2038/1275

Title: The Case for Common Flaw Enumeration
Authors: Martin, Robert A.; Christey, Steven M.; Jarzombek, Joe
Keywords: Faults, Security, taxonomies, security flaws, idiosyncrasies, weaknesses, WIFF, Common Vulnerabilities and Exposures, CVE, vulnerabilities
Abstract: Software acquirers want assurance that the software products they are obtaining are reviewed for known types of security flaws. The acquisition groups in large government and private organizations are moving forward to use these types of reviews as part of future contracts. The tools and services that can be used for this type of review are fairly new at best. However, there are no nomenclature, taxonomies, or standards to define the capabilities and coverage of these tools and services. This makes it difficult to comparatively decide which tool/service is best suited for a particular job. A standard taxonomy of software security vulnerabilities can serve as a unifying language of discourse and measuring stick for tools and services. Leveraging the diverse thinking on this topic from academia, the commercial sector, and government, we can pull together the most valuable breadth and depth of content and structure to serve as a unified standard. As a starting point, we plan to leverage t...
Licence: Creative Commons, non-commercial, attributive
Issue Date: 7-Nov-2005
URI: http://hdl.handle.net/2038/1275
bibliographicCitation: cve.mitre.org/cwe/documents/case_for_cwes.pdf, retrieving date 16th May 2004
Appears in Collections: Comparison, selection, & suitability of OSS

Files in This Item:

File: case_for_cwes.pdf
Size: 286Kb
Format: Adobe PDF

All items in COSPA Knowledge Base are protected by copyright, with all rights reserved.