In this week’s reading club, we recommend paper (23 pages long), A Taxonomy of Computer Program Security Flaws, with Examples by Carl E. Landwehr, Alan R. Bull, John P. McDermott, and William S. Choi.
If you want to learn about application security, by example, this paper is for you.
Taxonomy (noun) – a system for naming and organizing things, especially plants and animals, into groups that share similar qualities [source].
You will find fifty examples of security flaws classified by:
- Genesis – malicious, intentional, incongruity
- Time – during development, maintenance, operation
- Location – software, hardware