A call to action look beyond the horizon

1 November 2003

journal article
Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Security & Privacy

Vol. 1 (6), 62-67
https://doi.org/10.1109/msecp.2003.1253571

Abstract

Today's most prevalent and widely discussed attacks exploit code-level flaws such as buffer overruns and type-invalid input. Now we should turn to tomorrow's attacks, and think beyond buffer overruns, beyond code-level bugs, and beyond the horizon. This article is a call to arms to the research community to look toward the future. The author outlines a few suggestions for important research directions: software design, usability, and privacy. He argues that if we can make any progress on the first two, we could make a strong impact. He highlights the third topic because he thinks it deserves more attention from the scientific and technical communities, to complement the attention it already receives from the policy and legal communities. Because of the author's background in software engineering, he elaborates more on the first research direction than the other two, but believes all three deserve equal attention.

Keywords

This publication has 8 references indexed in Scilit:

From the ground up: the DIMACS software security workshop
IEEE Security & Privacy, 2003
Language-based information-flow security
IEEE Journal on Selected Areas in Communications, 2003
Unpacking "privacy" for a networked world
Published by Association for Computing Machinery (ACM) ,2003
Java security: from HotJava to Netscape and beyond
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2002
Transforming the ‘Weakest Link’ — a Human/Computer Interaction Approach to Usable and Effective Security
BT Technology Journal, 2001
Security Policies and Security Models
Published by Institute of Electrical and Electronics Engineers (IEEE) ,1982
The protection of information in computer systems
Proceedings of the IEEE, 1975
Protection
ACM SIGOPS Operating Systems Review, 1974

Cited by 13 articles