Towards Secure Scripting Development

Autores
Ferrer, Facundo; More, Andres
Año de publicación
2011
Idioma
inglés
Tipo de recurso
documento de conferencia
Estado
versión publicada
Descripción
This work reflects two separate efforts towards implementing security awareness in projects being developed using scripting languages. The same development process was used in both projects which included a specific focus on security. Besides summarizing lessons learned, this work recommends automatic tools for static code analysis to ensure that usual pitfalls are avoided from the very beginning. This work contributes with an overview of specific insights on Perl and Python security, together with a list of publicily available support tools, and how they are best applied and integrated into the development process. The proposed development framework is based on a supporting infrastructure which minimizes effort on peer reviews and allows early identification of security issues, making their resolution easier and cheaper.
Sociedad Argentina de Informática e Investigación Operativa
Materia
Ciencias Informáticas
Scripting
Development
Nivel de accesibilidad
acceso abierto
Condiciones de uso
http://creativecommons.org/licenses/by-nc-sa/4.0/
Repositorio
SEDICI (UNLP)
Institución
Universidad Nacional de La Plata
OAI Identificador
oai:sedici.unlp.edu.ar:10915/141863

id SEDICI_513bf9b3af486b8acb97acc1e4b15360
oai_identifier_str oai:sedici.unlp.edu.ar:10915/141863
network_acronym_str SEDICI
repository_id_str 1329
network_name_str SEDICI (UNLP)
spelling Towards Secure Scripting DevelopmentFerrer, FacundoMore, AndresCiencias InformáticasScriptingDevelopmentThis work reflects two separate efforts towards implementing security awareness in projects being developed using scripting languages. The same development process was used in both projects which included a specific focus on security. Besides summarizing lessons learned, this work recommends automatic tools for static code analysis to ensure that usual pitfalls are avoided from the very beginning. This work contributes with an overview of specific insights on Perl and Python security, together with a list of publicily available support tools, and how they are best applied and integrated into the development process. The proposed development framework is based on a supporting infrastructure which minimizes effort on peer reviews and allows early identification of security issues, making their resolution easier and cheaper.Sociedad Argentina de Informática e Investigación Operativa2011-08info:eu-repo/semantics/conferenceObjectinfo:eu-repo/semantics/publishedVersionObjeto de conferenciahttp://purl.org/coar/resource_type/c_5794info:ar-repo/semantics/documentoDeConferenciaapplication/pdf42-53http://sedici.unlp.edu.ar/handle/10915/141863enginfo:eu-repo/semantics/altIdentifier/isbn/978-987-1312-22-1info:eu-repo/semantics/altIdentifier/url/https://40jaiio.sadio.org.ar/sites/default/files/T2011/WSegI/972.pdfinfo:eu-repo/semantics/openAccesshttp://creativecommons.org/licenses/by-nc-sa/4.0/Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0)reponame:SEDICI (UNLP)instname:Universidad Nacional de La Platainstacron:UNLP2025-09-29T11:36:14Zoai:sedici.unlp.edu.ar:10915/141863Institucionalhttp://sedici.unlp.edu.ar/Universidad públicaNo correspondehttp://sedici.unlp.edu.ar/oai/snrdalira@sedici.unlp.edu.arArgentinaNo correspondeNo correspondeNo correspondeopendoar:13292025-09-29 11:36:14.531SEDICI (UNLP) - Universidad Nacional de La Platafalse
dc.title.none.fl_str_mv Towards Secure Scripting Development
title Towards Secure Scripting Development
spellingShingle Towards Secure Scripting Development
Ferrer, Facundo
Ciencias Informáticas
Scripting
Development
title_short Towards Secure Scripting Development
title_full Towards Secure Scripting Development
title_fullStr Towards Secure Scripting Development
title_full_unstemmed Towards Secure Scripting Development
title_sort Towards Secure Scripting Development
dc.creator.none.fl_str_mv Ferrer, Facundo
More, Andres
author Ferrer, Facundo
author_facet Ferrer, Facundo
More, Andres
author_role author
author2 More, Andres
author2_role author
dc.subject.none.fl_str_mv Ciencias Informáticas
Scripting
Development
topic Ciencias Informáticas
Scripting
Development
dc.description.none.fl_txt_mv This work reflects two separate efforts towards implementing security awareness in projects being developed using scripting languages. The same development process was used in both projects which included a specific focus on security. Besides summarizing lessons learned, this work recommends automatic tools for static code analysis to ensure that usual pitfalls are avoided from the very beginning. This work contributes with an overview of specific insights on Perl and Python security, together with a list of publicily available support tools, and how they are best applied and integrated into the development process. The proposed development framework is based on a supporting infrastructure which minimizes effort on peer reviews and allows early identification of security issues, making their resolution easier and cheaper.
Sociedad Argentina de Informática e Investigación Operativa
description This work reflects two separate efforts towards implementing security awareness in projects being developed using scripting languages. The same development process was used in both projects which included a specific focus on security. Besides summarizing lessons learned, this work recommends automatic tools for static code analysis to ensure that usual pitfalls are avoided from the very beginning. This work contributes with an overview of specific insights on Perl and Python security, together with a list of publicily available support tools, and how they are best applied and integrated into the development process. The proposed development framework is based on a supporting infrastructure which minimizes effort on peer reviews and allows early identification of security issues, making their resolution easier and cheaper.
publishDate 2011
dc.date.none.fl_str_mv 2011-08
dc.type.none.fl_str_mv info:eu-repo/semantics/conferenceObject
info:eu-repo/semantics/publishedVersion
Objeto de conferencia
http://purl.org/coar/resource_type/c_5794
info:ar-repo/semantics/documentoDeConferencia
format conferenceObject
status_str publishedVersion
dc.identifier.none.fl_str_mv http://sedici.unlp.edu.ar/handle/10915/141863
url http://sedici.unlp.edu.ar/handle/10915/141863
dc.language.none.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv info:eu-repo/semantics/altIdentifier/isbn/978-987-1312-22-1
info:eu-repo/semantics/altIdentifier/url/https://40jaiio.sadio.org.ar/sites/default/files/T2011/WSegI/972.pdf
dc.rights.none.fl_str_mv info:eu-repo/semantics/openAccess
http://creativecommons.org/licenses/by-nc-sa/4.0/
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0)
eu_rights_str_mv openAccess
rights_invalid_str_mv http://creativecommons.org/licenses/by-nc-sa/4.0/
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0)
dc.format.none.fl_str_mv application/pdf
42-53
dc.source.none.fl_str_mv reponame:SEDICI (UNLP)
instname:Universidad Nacional de La Plata
instacron:UNLP
reponame_str SEDICI (UNLP)
collection SEDICI (UNLP)
instname_str Universidad Nacional de La Plata
instacron_str UNLP
institution UNLP
repository.name.fl_str_mv SEDICI (UNLP) - Universidad Nacional de La Plata
repository.mail.fl_str_mv alira@sedici.unlp.edu.ar
_version_ 1844616240725753856
score 13.070432