| program, 95 | trapdoor, 112 |
| user, 95 | worm, 112 |
| secure program, 95 | rabbit, 112 |
| penetrate and patch, 96 | appended virus, 113 |
| fault, 96 | document virus, 116 |
| program security flaw, 97 | macro virus, 116 |
| bug, 98 | boot sector virus, 118 |
| error, 98 | virus signature, 120 |
| failure, 98 | polymorphic virus, 123 |
| buffer overflow, 100 | encrypting virus, 124 |
| incomplete mediation, 104 | Brain virus, 128 |
| time-of-check to time-of-use, 106 | The Internet worm, 129 |
| malicious code, 108 | Code Red, 132 |
| rogue program, 111 | web bug, 134 |
| virus, 111 | stub, 137 |
| agent, 111 | driver, 137 |
| transient virus, 111 | side effect, 138 |
| resident virus, 111 | error checking, 138 |
| Trojan horse, 111 | undefined operation, 139 |
| logic bomb, 112 | salami attack, 139 |
| time bomb, 112 | information leakage, 141 |
| backdoor, 112 | covert channel, 141 |
| timing channel, 146 | fault tree analysis, 157 |
| software engineering, 150 | regression test, 159 |
| encapsulation, 152 | black-box test, 159 |
| information hiding, 152 | clear-box test, 159 |
| modularity, 152 | independent test team, 159 |
| maintainability, 153 | configuration management, 163 |
| understandability, 153 | conditional compilation, 164 |
| reusability, 153 | proof of program correctness, 166 |
| correctability, 153 | program verification, 166 |
| testability, 153 | trusted software, 169 |
| coupling, 153 | functional correctness, 169 |
| cohesion, 153 | enforcement of integrity, 169 |
| peer review, 154 | limited privilege, 169 |
| program design, 155 | appropriate security level, 169 |
| inspection, 155 | mutual suspicion, 170 |
| walk-through, 155 | confinement, 170 |
| review, 155 | access log, 170 |
| egoless programming, 155 | development standards, 171 |
| hazard analysis, 157 | configuration management standards, 171 |
| failure modes and effects analysis, 157 | |