On Aug 21, 2009, at 12:18 PM, Brad Andrews wrote:
This brings up a great point. How can we grade a program's security level? Is it just a checkoff list? Which elements should be in that checkoff list?
You may be interested in reading: Teaching Secure Programming IEEE Security and Privacy archive Volume 3 , Issue 5 (September 2005) table of contents Pages: 54 - 56 Year of Publication: 2005 ISSN:1540-7993 Authors Matt Bishop University of California, Davis Deborah A. Frincke Pacific Northwest National Laboratory Publisher IEEE Educational Activities Department Piscataway, NJ, USA _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________