Software, Attacker and Asset-centric Approach for Improving Security in System Development Process

Aspects of Enhancing Security in Software Development Life Cycle

2017

Software has become an integral part of everyday life. Every day, millions of people perform transactions through various applications run by this software, such as internet, ATM, mobile phone, email etc. Software is used by people bearing in mind that it is reliable and can be trusted and that the operations they perform are secure. Now, if this software has ensembled security holes, then how can it be safe for use? Security brings value to software in terms of people’s trust. The value provided by secure software is of vital importance because many critical functions are entirely dependent on the software. Because of the limitations of budget and release time of the software into the market, many developers consider security as an afterthought, thus resulting in poor quality software. In the early days, software security was only considered as part of software testing but, later on, it has been experienced that security is not an afterthought in case of software development[16][1...

Security Enhancement in Software Development Life Cycle

Software has become an integral part of everyday life. Every day, millions of people perform transactions through various applications run by this software, such as internet, ATM, mobile phone, email etc. People use software bearing in mind that it is reliable and can be trusted and that the operations they perform are secure. Now, if this software has ensembled security holes, then how can it be safe for use? Security brings value to software in terms of people's trust. The value provided by secure software is of vital importance because many critical functions are entirely dependent on the software. With limited budget and time to release software into the market, many developers often consider security as an afterthought. So in this work we have given a model to improve the security in the SDLC model by using different methods.

Security Deliberations in Software Development Lifecycle

IJCA Proceedings on International Conference on Information and Communication Technologies, 2014

Security is a serious problem in software development which, when not taken into consideration, exploits vulnerabilities in software. Such security-related problems need to be addressed as early as possible while building software. Security problems exist for many reasons. A major one is that software cannot resist security attacks. Software security vulnerabilities are often caused by flaws that might be in specification, design, implementation or testing. These flaws are unknowingly injected by the software developers during development or left unnoticed by the software testers while testing for defects in software. This requires that developers and testers use methods that consistently produce secure software, which results in a defect-free product. Security must be integrated into the software development life cycle from the beginning and must persist until the product is in use. This paper brings out the security deliberations that have to be paid due attention in the various phases of the software development life cycle while developing software.

A Critical Analysis on Security Aspects of Software Development Lifecycle

IJCA Proceedings on International Conference on Microelectronics Circuits and Systems, 2014

This paper focuses on the security aspects of software. It analyses the various loopholes that can exist in the development of a software or the various damages that can be incorporated by malicious users, and also the remedies that when carefully undertaken can remove the vulnerabilities. This is an overview or study of security problems of different nature and the proper and systematic tackling methodology adopted to eradicate them and thereby also add value to its quality.

A Model for Integrating Information Security into the Software Development Life Cycle

2007

'Alone we can do so little; together we can do so much.' - Helen Keller
My sincerest gratitude to the following people:
· My supervisor, Prof Rossouw von Solms, for his invaluable support and guidance;
· My special friend and colleague, Cheryl Schröder, for believing in me and encouraging me every step of the way;
· My editorial team, Bron Kaplan and Debbie Box, for their dedication and commitment;
· My family, friends and colleagues, for their everlasting support and understanding.

Integration of Security Modules in Software Development Lifecycle Phases

ArXiv, 2020

Information protection is becoming a focal point for designing, creating and implementing software applications within highly integrated technology environments. The use of a safe coding technique in the software development process is required by many industrial IT security standards and policies. Despite current cyber protection measures and best practices, vulnerabilities still remain strong and become a huge threat to every developed software. It is crucial to understand the position of secure software development for security management, which is affected by causes such as human security-related factors. Although developers are often held accountable for security vulnerabilities, in reality, many problems often grow from a lack of organizational support during development tasks to handle security. While abstract safe coding guidelines are generally recognized, there are limited low-level secure coding guidelines for various programming languages. A good technique is required to...

Importance of Secure Software Development Processes and Tools for Developers

ArXiv, 2020

In this research paper on secure software systems, the authors have discussed what the proper development process is when it comes to creating secure software, which will be suited for developers and relevant stakeholders alike. Secure Software Development Process for Developers is of crucial importance for software engineers as more and more software-based devices are becoming commonly available, and cloud services are evolving which require the software to be constantly connected to the internet. With this in mind, Secure Software Development needs to be transformed to something most developers can rely upon to make applied software safe and have the capability to mitigate against potential attacks by hackers. Furthermore, in this paper, existing Secure Software Development Process ideas and implementations are reviewed and investigated using the research paper pool available online. Thereafter, an approach is proposed to enhance the security aspect in software development proce...

Theory and practice in secure software development lifecycle: A comprehensive survey

World Journal of Advanced Research and Reviews

Software development security refers to the practice of integrating security measures and considerations throughout the software development lifecycle to ensure the confidentiality, integrity, and availability of software systems. It involves identifying, mitigating, and eliminating security vulnerabilities and threats that could be exploited by attackers. The goal of this paper is to survey the various concepts and methodologies directed towards software security, and the identification of any missing gaps. Based on the findings, it is noted that the development of secure software requires a proactive and comprehensive approach. It begins with establishing secure design principles and incorporating security requirements from the initial stages of development. Here, secure coding practices, such as input validation, output encoding, and secure authentication and authorization mechanisms, are employed to prevent common security vulnerabilities. In addition, regular security testing, ...

SecSDM: A Model for Integrating Security into the Software Development Life Cycle

Fifth World Conference on Information Security …, 2007

Most traditional software development methodologies do not explicitly include a standardised method for incorporating information security into their life cycles. It is argued that security considerations should provide input into every phase of the Software Development Life Cycle (SDLC), from requirements gathering to design, implementation, testing and deployment. Therefore, to build more secure software applications, an improved software development process is required. The Secure Software Development Model (SecSDM), as described in this paper, is based on many of the recommendations provided by relevant international standards and best practices, for example, the ISO 7498-2 (1989) standard which addresses the underlying security services and mechanisms that form an integral part of the model.

Importance of Secure Software Development for the Software Development at Different SDLC Phases

The advancement of technology has made the development of software applications become unstoppable. The wide use of software applications has increased the threat to cyber security. The recent pandemic required organizations to adapt and manage new threats and cyberattacks due to the rising number of cybercrime activities all around the digital ecosystem. This situation has led to the importance of ensuring that the software is safe to use. Therefore, software development that emphasizes security aspects in every phase of the software development life cycle (SDLC) should be prioritized and practised to minimize cybersecurity problems. In this study, a document survey is conducted to achieve an understanding of secure software development processes and activities. The source of information is retrieved from different reliable resources of scientific research databases such as IEEE, Science Direct and Google Scholar. Moreover, trusted web resources are also referenced to support ...