Mini Tutorial en Seguridad de Software: "Techniques for Secure Programming"


Compartir
Charlista: 
Barton Miller, Computer Sciences Department, University of Wisconsin, USA
Fecha: 
29 Octubre, 2012 - 12:00
Sala: 
Auditorio DCC, 3er piso
Organización: 
DCC

Día Hora:

               * Lunes  29 Oct 2012, 12pm-1:30pm (parte I)

               * Lunes 29 Oct 2012, 3pm-4:30pm (parte II)

 

Abstract:

Security is crucial to the software that we develop and use. With the growth of both Grid and Cloud services, security is becoming even more critical. This tutorial is relevant to anyone wanting to learn about minimizing security flaws in the software they develop. We share our experiences gained from performing vulnerability assessments of critical middleware. You will learn skills critical for software developers and analysts concerned with security.

This tutorial presents coding practices subject to vulnerabilities, with examples of how they commonly arise, techniques to prevent them, and exercises to reinforce them. Most examples are in Java, C, C++, Perl and Python, and come from real code belonging to Cloud and Grid systems we have assessed. This tutorial is an outgrowth of our experiences in performing vulnerability assessment of critical middleware, including Google Chrome, Wireshark, Condor, SDSC Storage Resource Broker, NCSA MyProxy, INFN VOMS Admin and Core, and many others.

(El tutorial será en inglés.)

 ---

Secretaría de Investigación