تقرير
SoK: Analysis of Software Supply Chain Security by Establishing Secure Design Properties
العنوان: | SoK: Analysis of Software Supply Chain Security by Establishing Secure Design Properties |
---|---|
المؤلفون: | Okafor, Chinenye, Schorlemmer, Taylor R., Torres-Arias, Santiago, Davis, James C. |
سنة النشر: | 2024 |
المجموعة: | Computer Science |
مصطلحات موضوعية: | Computer Science - Cryptography and Security, Computer Science - Software Engineering |
الوصف: | This paper systematizes knowledge about secure software supply chain patterns. It identifies four stages of a software supply chain attack and proposes three security properties crucial for a secured supply chain: transparency, validity, and separation. The paper describes current security approaches and maps them to the proposed security properties, including research ideas and case studies of supply chains in practice. It discusses the strengths and weaknesses of current approaches relative to known attacks and details the various security frameworks put out to ensure the security of the software supply chain. Finally, the paper highlights potential gaps in actor and operation-centered supply chain security techniques Comment: Published in the proceedings of the 1st ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses (SCORED) 2022 |
نوع الوثيقة: | Working Paper |
URL الوصول: | http://arxiv.org/abs/2406.10109 |
رقم الأكسشن: | edsarx.2406.10109 |
قاعدة البيانات: | arXiv |
الوصف غير متاح. |