Showing 1 - 10 of 7 639 for search: '"Davis, James"'
Author:
Schorlemmer, Taylor R., Burmane, Ethan H., Kalu, Kelechi G., Torres-Arias, Santiago, Davis, James C.
Software engineers integrate third-party components into their applications. The resulting software supply chain is vulnerable. To reduce the attack surface, we can verify the origin of components (provenance) before adding them. Cryptographic signat
External link:
http://arxiv.org/abs/2407.03949
Code signing enables software developers to digitally sign their code using cryptographic keys, thereby associating the code to their identity. This allows users to verify the authenticity and integrity of the software, ensuring it has not been tampe
External link:
http://arxiv.org/abs/2406.15596
Author:
Franke, Lucas, Liang, Huayu, Farzanehpour, Sahar, Brantly, Aaron, Davis, James C., Brown, Chris
Background: Governments worldwide are considering data privacy regulations. These laws, e.g. the European Union's General Data Protection Regulation (GDPR), require software developers to meet privacy-related requirements when interacting with users'
External link:
http://arxiv.org/abs/2406.14724
Author:
Bhuiyan, Masudul Hasan Masud, Çakar, Berk, Burmane, Ethan H, Davis, James C, Staicu, Cristian-Alexandru
Regular expression denial of service (ReDoS) is an asymmetric cyberattack that has become prominent in recent years. Many research works examine ReDoS, measuring its impact or preventing its exploitation. However, there has been no systematic treatme
External link:
http://arxiv.org/abs/2406.11618
This paper systematizes knowledge about secure software supply chain patterns. It identifies four stages of a software supply chain attack and proposes three security properties crucial for a secured supply chain: transparency, validity, and separati
External link:
http://arxiv.org/abs/2406.10109
Software failures inform engineering work, standards, regulations. For example, the Log4J vulnerability brought government and industry attention to evaluating and securing software supply chains. Accessing private engineering records is difficult, s
External link:
http://arxiv.org/abs/2406.08221
Background: Collaborative Software Package Registries (SPRs) are an integral part of the software supply chain. Much engineering work synthesizes SPR packages into applications. Prior research has examined SPRs for traditional software, such as NPM (J
External link:
http://arxiv.org/abs/2406.08205
Many software products are composed by the recursive integration of components from other teams or external parties. Each additional link in a software product's supply chain increases the risk of the injection of malicious behavior. To improve suppl
External link:
http://arxiv.org/abs/2406.08198
It is undeniable that citizen science contributes to the advancement of various fields of study. There are now software tools that facilitate the development of citizen science apps. However, apps developed with these tools rely on individual human s
External link:
http://arxiv.org/abs/2405.14323
This paper undertakes the task of replicating the MaskFormer model, a universal image segmentation model originally developed using the PyTorch framework, within the TensorFlow ecosystem, specifically optimized for execution on Tensor Processing Units
External link:
http://arxiv.org/abs/2404.18801