Developers are Not the Enemy!: The Need for Usable Security APIs 论文
2016IEEE Security & Privacy引用 218
Advanced Malware Detection TechniquesUser Authentication and Security SystemsSpam and Phishing Detection
摘要
Rather than recognizing software engineers' limitations, modern security practice has created an adversarial relationship between security software designers and the developers who use their software to construct applications. Using the example of cryptographic APIs, the authors show that developers aren't the enemy and that, to strengthen security systems across the board, security professionals must focus on creating developer-friendly and developer-centric approaches.