Aspects of Enhancing Security in Software Development Life Cycle

Security Enhancement in Software Development Life Cycle

Software has become an integral part of everyday life. Every day, millions of people perform transactions through various applications run by this software, such as the internet, ATMs and mobile phones, send email, and so on. People use software bearing in mind that it is reliable, that it can be trusted, and that the operations they perform are secured. Now, if this software has an ensemble of security holes, then how can it be safe for use? Security brings value to software in terms of people's trust. The value provided by secure software is of vital importance because many critical functions are entirely dependent on the software. With limited budget and time to release software into the market, many developers often consider security as an afterthought. So in this work we have given a model to improve the security in the SDLC model by using different methods.

Security Deliberations in Software Development Lifecycle

IJCA Proceedings on International Conference on Information and Communication Technologies, 2014

Security is a serious problem in software development which, when not taken into consideration, exploits vulnerabilities in software. Such security-related problems need to be addressed as early as possible while building software. Security problems exist for many reasons. A major thing is that software cannot resist security attacks. Software security vulnerabilities are often caused by flaws that might be in specification, design, implementation or testing. These flaws are unknowingly injected by the software developers during development or left unnoticed by the software testers while testing for defects in software. This requires that developers and testers use methods that consistently produce secure software, which results in a defect-less product. Security must be integrated into the software development life cycle from the beginning and must persist until the product is in use. This paper brings out the security deliberations that have to be paid due attention in the various phases of the software development life cycle while developing software.

Importance of Secure Software Development Processes and Tools for Developers

ArXiv, 2020

In this research paper on secure software systems, the authors have discussed what the proper development process is when it comes to creating secure software, which will be suited for developers and relevant stakeholders alike. Secure Software Development Process for Developers is of crucial importance for software engineers as more and more software-based devices are becoming commonly available, and cloud services are evolving which require the software to be constantly connected to the internet. With this in mind, Secure Software Development needs to be transformed to something most developers can rely upon to make applied software safe and have the capability to mitigate against potential attacks by hackers. Furthermore, in this paper, existing Secure Software Development Process ideas and implementations are reviewed and investigated using the research paper pool available online. Thereafter, an approach is proposed to enhance the security aspect in software development proce...

Theory and practice in secure software development lifecycle: A comprehensive survey

World Journal of Advanced Research and Reviews

Software development security refers to the practice of integrating security measures and considerations throughout the software development lifecycle to ensure the confidentiality, integrity, and availability of software systems. It involves identifying, mitigating, and eliminating security vulnerabilities and threats that could be exploited by attackers. The goal of this paper is to survey the various concepts and methodologies directed towards software security, and the identification of any missing gaps. Based on the findings, it is noted that the development of secure software requires a proactive and comprehensive approach. It begins with establishing secure design principles and incorporating security requirements from the initial stages of development. Here, secure coding practices, such as input validation, output encoding, and secure authentication and authorization mechanisms, are employed to prevent common security vulnerabilities. In addition, regular security testing, ...

A Critical Analysis on Security Aspects of Software Development Lifecycle

IJCA Proceedings on International Conference on Microelectronics Circuits and Systems, 2014

This paper focuses on the security aspects of software. It analyses the various loopholes that can exist in the development of a software or the various damages that can be incorporated by malicious users, and also the remedies that when carefully undertaken can remove the vulnerabilities. This is an overview or study of security problems of different nature and the proper and systematic tackling methodology adopted to eradicate them and thereby also add value to its quality.

A Model for Integrating Information Security into the Software Development Life Cycle

2007

'Alone we can do so little; together we can do so much.' - Helen Keller. My sincerest gratitude to the following people: · My supervisor, Prof Rossouw von Solms, for his invaluable support and guidance; · My special friend and colleague, Cheryl Schröder, for believing in me and encouraging me every step of the way; · My editorial team, Bron Kaplan and Debbie Box, for their dedication and commitment; · My family, friends and colleagues, for their everlasting support and understanding.

Software, Attacker and Asset-centric Approach for Improving Security in System Development Process

2020

Secure development process is a procedure taken by developers to ensure the programs developed are following the general security standards and will always be up to date so that the outcomes are well secured and obedient. As a software developer, it is very crucial to implement and develop a highly secured and reliable program for clients and users. In this current digital world where everything is advancing faster than we can ever think of, most of the old security policies can no longer be implemented alone. The consequences and impacts that could be brought upon a company are really huge if the software applications are not secured according to the modern trend. Therefore, in this paper research is done to assess the security integration in the software development process. The concept and the purpose of this research is to provide insight about the current issues and challenges faced by most of the software developers in terms of secure software development. With a better and clearer...

Secure Software Development Best Practices

International Journal of Emerging Multidisciplinaries: Computer Science & Artificial Intelligence

This research aims to explore optimal strategies for fortified software, enhancing the implementation of secure software development practices. Software security involves crafting and designing software that guarantees the integrity, confidentiality, and availability of its code, data, and functionalities. Often, in prioritizing functionality, security takes a back seat when organizations embark on system development. Yet, it's imperative to embed security at every phase of the Software Development Life Cycle (SDLC). Numerous methodologies and models exist for addressing software security, but only a few substantiate creating secure software applications effectively. Despite advancements, software security remains inadequately addressed, posing a challenge to integrating security protocols into the SDLC seamlessly. This review advocates specific security measures to be integrated at each SDLC level, fostering a secure SDLC. Efficient amalgamation of these processes ensures the d...

Security assurance during the software development cycle

Proceedings of the International Conference on Computer Systems and Technologies and Workshop for PhD Students in Computing - CompSysTech '09, 2009

Assurance has been a major topic for critical systems. Assurance is usually associated with safety conditions but has also an important role for checking security requirements. Security is best assured if it is addressed holistically, systematically, and from the very beginning in the software's development process. We propose to integrate assurance and system development by letting the different stages of the system development life-cycle be mapped to the structure of the assurance case.

Developing Secure Software

Integrity, Internal Control and Security in Information Systems, 2002

More and more software is deployed in an environment with wide area network connectivity, in particular with connectivity to the Internet. Software developers are not always aware of the security implications of this connectivity, and hence the software they produce contains a large number of vulnerabilities exploitable by attackers. Statistics show that a limited number of types of vulnerabilities account for the majority of successful attacks on the Internet. Hence, we believe that it is very useful for a software developer to have a deep understanding of these kinds of vulnerabilities, in order to avoid them in new software. In this paper, we present a survey and classification of the most commonly exploited software vulnerabilities.