2.
- Balliu, Musard, et al. (author)
- Software Bill of Materials in Java
- 2023
- In: SCORED 2023 - Proceedings of the 2023 Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses. Association for Computing Machinery (ACM), pp. 75-76
- Conference paper (peer-reviewed)
- Abstract:
- Modern software applications are virtually never built entirely in-house. As a matter of fact, they reuse many third-party dependencies, which form the core of their software supply chain [1]. The large number of dependencies in an application has turned into a major challenge for both security and reliability. For example, to compromise a high-value application, malicious actors can choose to attack a less well-guarded dependency of the project [2]. Even when there is no malicious intent, bugs can propagate through the software supply chain and cause breakages in applications. Gathering accurate, up-to-date information about all dependencies included in an application is, therefore, of vital importance.