Coping with Security in Programming.docVIP

Acta Polytechnica Hungarica Vol. 3, No. 2, 2006 Coping with Security in Programming Frank Schindler Department of Applied Computer Science and Engineering Faculty of Electrical Engineering and Information Technology Slovak Technical University, I?kovi?ová 3, SK-812 19 Bratislava, Slovakia e-mail: frank.schindler@stuba.sk Abstract: This article deals with importance of security issues in computer programming. Secure software can only be designed with security as a primary goal. To achieve that we would have to redesign our computer systems with security in our mind including entire computer environment, e.g. hardware, programming languages and, of course, operating systems. In software development process the quality of resulting computer code should be the most important aspect during the whole program development process. Simplicity of the code in computer programs always pays off. Extra options and features can result in unmanageable complexity. For computer security purposes, program modularisation is of a paramount importance and seems to be the only way how to properly cope with complexity. Internal consistency of the whole program should be frequently checked via assertions. They are the best way to check parameter validity coming from other program units e.g. modules. Especially each module must distrust everything else coming from other modules and/or from the user. Frequently used code optimisations are classically leading to some sort of redundant code options and features and thus indirectly causing a useless code complexity. Extensive testing of programs is necessary for finding possible bugs in programs. However it does not locate security holes in the system. Standard software implementation techniques are completely inadequate in the production of a secure code. Consequently an introductory programming course as a college course should be taught in parall