Teaching Secure Programming
- M. Bishop and D. Frincke, “Teaching Secure Programming,” IEEE Security & Privacy Magazine 3(5) pp. 54–56 (Sep. 2005).
AbstractRobust programming aims to prevent abnormal termination or unexpected actions and requires code to handle bad (invalid or absurd) inputs in a way that is consistent with the developer’s intent. For example, if an internal error occurs, the program might terminate gracefully rather than simply failing, providing enough information for the programmer to debug the program and avoiding giving the user additional access or information. This article focuses on teaching these principles.
Copyright Notice©2005 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author’s copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
The definitive version was published in IEEE Security & Privacy Magazine 3(5), Sep. 2005.