Trust (and mistrust) in secure applications

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Trust (and mistrust) in secure applications

Full text

Html (33 KB), Pdf

Pdf (91 KB)

Source

Communications of the ACM archive
Volume 44 , Issue 2 (February 2001) table of contents

Pages: 31 - 36

Year of Publication: 2001

ISSN:0001-0782

Authors

John Viega	Widevine Technologies, Seattle, WA
Tadayoshi Kohno	Cigital Software Security Group, Dulles, VA
Bruce Potter	Shmoo Group, Leesburg, VA

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 14, Downloads (12 Months): 166, Citation Count: 15

Additional Information:

appendices and supplements references cited by index terms review collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/359205.359223 What is a DOI?

APPENDICES and SUPPLEMENTS

p31-viega.jp.pdf (66 KB),

Japanese CACM Collection

Requires Asian Language Support in Adobe Reader And Japanese Language Support in your Browser

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Carlisle M. Adams , Robert J. Zuccherato, A Global PMI for Electronic Content Distribution, Proceedings of the 7th Annual International Workshop on Selected Areas in Cryptography, p.158-168, August 14-15, 2000
	2	Collberg, C., Thomborson, C. and Low, D. A taxonomy of obfuscating transformations. Technical Report 148, Department of Computer Science, University of Auckland, New Zealand, Jul. 1997; ftp.cs.auckland. ac.nz/out/techreports/.
	3	Internet Security Systems. Form tampering vulnerabilities in several Web-based shopping cart applications; xforce.iss.net/alerts/ advise42.php, Feb. 2000.
	4	Wagner, D., Foster, J.S., Brewer, E.A. and Aiken, A. A first step towards automated detection of buffer overrun vulnerabilities. In Network and Distributed Systems Security Symposium, Feb. 2000.

CITED BY 15

	Herbert H. Thompson , James A. Whittaker , Florence E. Mottay, Software security vulnerability testing in hostile environments, Proceedings of the 2002 ACM symposium on Applied computing, March 11-14, 2002, Madrid, Spain
	Theo Nicolakis , Carlos E. Pizano , Bianca Prumo , Mitchell Webb, Protecting digital archives at the Greek Orthodox Archdiocese of America, Proceedings of the 3rd ACM workshop on Digital rights management, October 27-27, 2003, Washington, DC, USA
	Huaiqing Wang , Chen Wang, Taxonomy of security considerations and software quality, Communications of the ACM, v.46 n.6, p.75-78, June 2003
	Edgar Weippl , Wolfgang Essmayr, Personal trusted devices for web services: revisiting multilevel security, Mobile Networks and Applications, v.8 n.2, p.151-157, April 2003
	Elisabeth Davenport , Leo McLaughlin, Interpersonal trust in online partnerships: the challenge of representation, Trust in knowledge management and systems in organizations, Idea Group Publishing, Hershey, PA, 2004
	Chang Liu , Jack T. Marchewka , June Lu , Chun-Sheng Yu, Beyond concern: a privacy-trust-behavioral intention model of electronic commerce, Information and Management, v.42 n.1, p.127-142, December 2004
	Chang Liu , Jack T. Marchewka , June Lu , Chun-Sheng Yu, Beyond concern: a privacy-trust-behavioral intention model of electronic commerce, Information and Management, v.42 n.2, p.289-304, January 2005
	Zaid Dwaikat , Francesco Parisi-Presicce, Risky trust: risk-based analysis of software systems, ACM SIGSOFT Software Engineering Notes, v.30 n.4, July 2005
	Irene M. Y. Woon , Atreyi Kankanhalli, Investigation of IS professionals' intention to practise secure development of applications, International Journal of Human-Computer Studies, v.65 n.1, p.29-41, January, 2007
	Donovan Artz , Yolanda Gil, A survey of trust in computer science and the Semantic Web, Web Semantics: Science, Services and Agents on the World Wide Web, v.5 n.2, p.58-71, June, 2007
	V. Page , M. Dixon , I. Choudhury, Security risk mitigation for information systems, BT Technology Journal, v.25 n.1, p.118-127, January 2007
	June Lu , Chang Liu , Chun-Sheng Yu , Kanliang Wang, Determinants of accepting wireless mobile data services in China, Information and Management, v.45 n.1, p.52-64, January, 2008
	Azzedine Boukerche , Yonglin Ren, A trust-based security system for ubiquitous and pervasive computing environments, Computer Communications, v.31 n.18, p.4343-4351, December, 2008
	Sean M. Price, Host-Based Security Challenges and Controls: A Survey of Contemporary Research, Information Security Journal: A Global Perspective, v.17 n.4, p.170-178, July 2008
	Farzana Parveen , Masood Abessi , Sulaiman Ainin, Wireless Internet-using Mobile Devices (WIMDs) in Malaysia, International Journal of Mobile Communications, v.7 n.5, p.580-593, April 2009

INDEX TERMS

Primary Classification:
D. Software
D.2 SOFTWARE ENGINEERING

Additional Classification:
D. Software
D.2 SOFTWARE ENGINEERING

K. Computing Milieux
K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
K.6.3 Software Management
Subjects: Software development

General Terms:
Design, Reliability, Security

REVIEW

"Andrew Robert Huber : Reviewer"

Misplaced trust leads to reliability and security problems in software. A trust relationship exists whenever a program expects an entity (such as user input) to have a certain property. The authors illustrate how failing to explicitly define more...

Collaborative Colleagues:

John Viega: colleagues

Tadayoshi Kohno: colleagues

Bruce Potter: colleagues

Adobe Acrobat

QuickTime

Windows Media Player

Real Player