Annotation: Identifies security issues for automatic software management and a research plan to address them. Integrity must be guaranteed for the software being shipped from vendor to user, the user's configuration, and messages from user to vendor that describe configurations. Authentication is needed to identify software vendors and licenced software users. Privacy protections are needed for software components (because of their intellectual property value) and for software configurations (because they may reveal sensitive data). Finally, delegation is needed, e.g., to let administrators delegate configuration control to vendors and to let vendors delegate configuration checking to a testing lab.
BibTeX entry:
@inproceedings{devanbu99security,
author = {P. Devanbu and M. Gertz and S. Stubblebine},
title = {Security for Automated, Distributed Configuration Management},
booktitle = {{ICSE} Workshop on Software Engineering over the Internet},
month = apr,
year = {1999}
}
Sameer Ajmani