Measuring the Attack Surfaces of SAP Business Applications
Authors
Abstract
Software vendors such as SAP are increasingly concerned about mitigating the security risk of their software. Code quality improvement is a traditional approach to mitigate security risk; measuring and reducing the attack surface of software is a complementary approach. In this paper, we introduce a method for measuring the attack surfaces of SAP business applications implemented in Java. We implement a tool as an Eclipse plugin to measure an SAP software system’s attack surface in an automated manner. We demonstrate the feasibility of our approach by measuring the attack surfaces of three versions of an SAP software system. SAP’s software developers can use the tool as part of the software development process to improve software quality and security. SAP’s customers can also use the tool to mitigate their security risk.
Similar resources
Report: Measuring the Attack Surfaces of Enterprise Software
Software vendors are increasingly concerned about mitigating the security risk of their software. Code quality improvement is a traditional approach to mitigate security risk; measuring and reducing the attack surface of software is a complementary approach. In this paper, we apply a method for measuring attack surfaces to enterprise software written in Java. We implement a tool as an Eclipse p...
Use of Zernike Polynomials and SPGD Algorithm for Measuring the Reflected Wavefronts from the Lens Surfaces
Recently, we have demonstrated a new and efficient method to simultaneously reconstruct two unknown interfering wavefronts. A three-dimensional interference pattern was analyzed and then Zernike polynomials and the stochastic parallel gradient descent algorithm were used to expand and calculate wavefronts. In this paper, as one of the applications of this method, the reflected wavefronts from t...
White Paper Layer Seven Security Protecting SAP Systems from Cyber Attack a Security Framework for Advanced Threats
No portion of this document may be reproduced in whole or in part without the prior written permission of Layer Seven Security. Layer Seven Security offers no specific guarantee regarding the accuracy or completeness of the information presented, but the professional staff of Layer Seven Security makes every reasonable effort to present the most reliable information available to it and to meet o...
Measurement of the Standard Proximity of Adapted Standard Business Software
In order to optimize the economical use of SAP software systems and to increase the cost effectiveness of the SAP investment, the available SAP standard system should be implemented in the best possible way. While standard functionality has no negative effects on maintenance and operating cost, modification of the standard has the potential to drive costs (Markus et al. 2000). An integrated met...
Interoperability of Java-based Applications and SAP's Business Framework State of the Art and Desirable Developments
As the leading vendor of enterprise business standard software, SAP has recognized the need to adapt their R/3 system to current trends in software development and to meet market needs for speed of development, flexibility, openness and interoperability. In this paper, we first present SAP’s approach to object-oriented and component-based technology by describing the Business Framework, the conc...
Publication date: 2008