|
Oulu University Secure Programming Group
The Oulu University Secure Programming Group (OUSPG) is a research group at the University of Oulu that studies, evaluates and develops methods of implementing and testing application and system software in order to prevent, discover and eliminate implementation level security vulnerabilities in a pro-active fashion. The focus is on implementation level security issues and software security testing. History OUSPG has been active as an independent academic research group in the Computer Engineering Laboratory in the Department of Electrical and Information Engineering in the University of Oulu since summer 1996. OUSPG is most known for its participation in protocol implementation security testing, which they called robustness testing, using the PROTOS mini-simulation method. The PROTOS was co-operated project with VTT and number of industrial partners. The project developed different approaches of testing implementations of protocols using black-box (i.e. functional) testing me ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
University Of Oulu
The University of Oulu () is one of the largest universities in Finland, located in the city of Oulu. It was founded on July 8, 1958. The university has around 14,200 students and 3,800 staff. 21 International Master's Programmes are offered at the university. The university is often ranked as one of the best universities in Finland and in the top 400 worldwide. History * 1919 Oulu College Association was founded to manage the establishment of a university in the town * 1958 Oulu University Act * 1959 Activities begin. Faculty of Philosophy (programs in biology and mathematics), Faculty of Technology (architecture, civil and industrial engineering) and Oulu Teaching School * 1960 Faculty of Medicine * 1965 Teaching begins in humanities * 1965 Departments of Electrical Engineering and Machine Engineering added to the Faculty of Technology * 1972 The Faculty of Humanities and the Faculty of Natural Sciences founded with the division of the Faculty of Philosophy * 1974 Facul ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Application Software
Application software is any computer program that is intended for end-user use not operating, administering or programming the computer. An application (app, application program, software application) is any program that can be categorized as application software. Common types of applications include word processor, media player and accounting software. The term ''application software'' refers to all applications collectively and can be used to differentiate from system and utility software. Applications may be bundled with the computer and its system software or published separately. Applications may be proprietary or open-source. The short term ''app'' (coined in 1981 or earlier) became popular with the 2008 introduction of the iOS App Store, to refer to applications for mobile devices such as smartphones and tablets. Later, with introduction of the Mac App Store (in 2010) and Windows Store (in 2011), the term was extended in popular use to include desktop a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
System Software
System software is software designed to provide a platform for other software. An example of system software is an operating system (OS) (like macOS, Linux, Android, and Microsoft Windows). Application software is software that allows users to do user-oriented tasks such as creating text documents, playing or developing games, creating presentations, listening to music, drawing pictures, or browsing the web. Examples of such software are computational science software, game engines, search engines, industrial automation, and software as a service applications. In the late 1940s, application software was custom-written by computer users to fit their specific hardware and requirements. System software was usually supplied by the manufacturer of the computer hardware and was intended to be used by most or all users of that system. Many operating systems come pre-packaged with basic application software. Such software is not considered system software when it can be uninstalled with ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Vulnerability (computing)
Vulnerabilities are flaws or weaknesses in a system's design, implementation, or management that can be exploited by a malicious actor to compromise its security. Despite a system administrator's best efforts to achieve complete correctness, virtually all hardware and software contain bugs where the system does not behave as expected. If the bug could enable an attacker to compromise the confidentiality, integrity, or availability of system resources, it can be considered a vulnerability. Insecure software development practices as well as design factors such as complexity can increase the burden of vulnerabilities. Vulnerability management is a process that includes identifying systems and prioritizing which are most important, scanning for vulnerabilities, and taking action to secure the system. Vulnerability management typically is a combination of remediation, mitigation, and acceptance. Vulnerabilities can be scored for severity according to the Common Vulnerability S ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Security Testing
Security testing is a process intended to detect flaws in the security mechanisms of an information system and as such help enable it to protect data and maintain functionality as intended. Due to the logical limitations of security testing, passing the security testing process is not an indication that no flaws exist or that the system adequately satisfies the security requirements. Typical security requirements may include specific elements of confidentiality, integrity, authentication, availability, authorization and non-repudiation. Actual security requirements tested depend on the security requirements implemented by the system. Security testing as a term has a number of different meanings and can be completed in a number of different ways. As such, a Security Taxonomy helps us to understand these different approaches and meanings by providing a base level to work from. Confidentiality * A security measure which protects against the disclosure of information to parties o ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Robustness Testing
Robustness testing is any quality assurance methodology focused on testing the robustness of software. Robustness testing has also been used to describe the process of verifying the robustness (i.e. correctness) of test cases in a test process. ANSI and IEEE have defined robustness as the degree to which a system or component can function correctly in the presence of invalid inputs or stressful environmental conditions. The term "robustness testing" was first used by the Ballista project at Carnegie Mellon University. They performed testing of operating systems for dependability based on the data types of POSIX API, producing complete system crashes in some systems. The term was also used by OUSPG and VTT researchers taking part in the PROTOS project in the context of software security testing. Eventually the term ''fuzzing In programming and software development, fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Black-box Testing
Black-box testing, sometimes referred to as specification-based testing, is a method of software testing that examines the functionality of an application without peering into its internal structures or workings. This method of test can be applied virtually to every level of software testing: unit, integration, system and acceptance. Black-box testing is also used as a method in penetration testing, where an ethical hacker simulates an external hacking or cyber warfare attack with no knowledge of the system being attacked. Test procedures Specification-based testing aims to test the functionality of software according to the applicable requirements. This level of testing usually requires thorough test cases to be provided to the tester, who then can simply verify that for a given input, the output value (or behavior), either "is" or "is not" the same as the expected value specified in the test case. Specific knowledge of the application's code, internal structure and programmi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Simple Network Management Protocol
Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Devices that typically support SNMP include cable modems, routers, network switches, servers, workstations, printers, and more. SNMP is widely used in network management for network monitoring. SNMP exposes management data in the form of variables on the managed systems organized in a management information base (MIB), which describes the system status and configuration. These variables can then be remotely queried (and, in some circumstances, manipulated) by managing applications. Three significant versions of SNMP have been developed and deployed. SNMPv1 is the original version of the protocol. More recent versions, SNMPv2c and SNMPv3, feature improvements in performance, flexibility and security. SNMP is a component of the Internet Protocol Suite as def ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Archive File
In computing, an archive file stores the content of one or more files, possibly compressed, with associated metadata such as file name, directory structure, error detection and correction information, commentary, compressed data archives, storage, and sometimes encryption. An archive file is often used to facilitate portability, distribution and backup, and to reduce storage use. Applications Portability As an archive file stores file system information, including file content and metadata, it can be leveraged for file system content portability across heterogeneous systems. For example, a directory tree can be sent via email, files with unsupported names on the target system can be renamed during extraction, timestamps can be retained rather than lost during data transmission. Also, transfer of a single archive file may be faster than processing multiple files due to per-file overhead, and even faster if compressed. Software distribution Beyond archiving, archi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Antivirus Software
Antivirus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware. Antivirus software was originally developed to detect and remove computer viruses, hence the name. However, with the proliferation of other malware, antivirus software started to protect against other computer threats. Some products also include protection from malicious URLs, spam, and phishing. History 1971–1980 period (pre-antivirus days) The first known computer virus appeared in 1971 and was dubbed the " Creeper virus". This computer virus infected Digital Equipment Corporation's ( DEC) PDP-10 mainframe computers running the TENEX operating system.From the first email to the first YouTube video: a d ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Codenomicon
Synopsys, Inc. is an American electronic design automation (EDA) company headquartered in Sunnyvale, California, that focuses on silicon design and verification, silicon intellectual property and software security and quality. Synopsys supplies tools and services to the semiconductor design and manufacturing industry. Products include tools for logic synthesis and physical design of integrated circuits, simulators for development, and debugging environments that assist in the design of the logic for chips and computer systems. History Synopsys was founded by Aart de Geus, David Gregory, Alberto Sangiovanni-Vincentelli and Bill Krieger in 1986 in Research Triangle Park, North Carolina. The company was initially established as Optimal Solutions with a charter to develop and market logic synthesis technology developed by the team at General Electric's Advanced Computer-Aided Engineering Group. The company changed its name to Synopsys and moved to Mountain View, Califo ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Clarified Networks
Synopsys, Inc. is an American electronic design automation (EDA) company headquartered in Sunnyvale, California, that focuses on silicon design and verification, silicon intellectual property and software security and quality. Synopsys supplies tools and services to the semiconductor design and manufacturing industry. Products include tools for logic synthesis and physical design of integrated circuits, simulators for development, and debugging environments that assist in the design of the logic for chips and computer systems. History Synopsys was founded by Aart de Geus, David Gregory, Alberto Sangiovanni-Vincentelli and Bill Krieger in 1986 in Research Triangle Park, North Carolina. The company was initially established as Optimal Solutions with a charter to develop and market logic synthesis technology developed by the team at General Electric's Advanced Computer-Aided Engineering Group. The company changed its name to Synopsys and moved to Mountain View, Californ ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
