Secure Coding: Building Security into the Software Development Life Cycle

Authors

  • Russell L. Jones
  • Abhinav Rastogi
Abstract

Many of the security properties that are outlined repeatedly in the newer regulations and standards can easily be side-stepped. Too often the culprits are unsophisticated software development techniques, a lack of security-focused quality assurance, and scarce security training for software developers, software architects, and project managers. To meet future needs, opportunities, and threats associated with information security, security needs to be “baked in” to the overall systems development life-cycle process. Information security and privacy loom ever larger as issues for public and private sector organizations alike today. Government regulations and industry standards attempt to address these issues. Computer hardware and software providers invest in meeting both regulatory and market demands for information security and privacy. And individual organizations — corporations and government agencies alike — are voicing concern about the problem.

Similar resources

Mapping of McGraw Cycle to RUP Methodology for Secure Software Developing

Designing a secure software is one of the major phases in developing a robust software. The McGraw life cycle, as one of the well-known software security development approaches, implements different touch points as a collection of software security practices. Each touch point includes explicit instructions for applying security in terms of design, coding, measurement, and maintenance of softwar...

Misalignment challenges when integrating security requirements into mobile banking application development

This study identifies and explores the core challenge faced when integrating security requirements into the mobile application software development life cycle. Studies on key issues in Information Systems (IS) have been on-going in the past decades, with security moving up the ranks of top issues in IS. Security requirements can be added into mobile application development processes by practisi...

Secure Software Development Using Use Cases and Misuse Cases

There is a need to inculcate in students the idea of secure system development. This paper investigates the application of use cases to the identification of security threats and security requirements; these can then be incorporated into the software design and implementation and used as a basis for testing. The method is easy to teach and easy to use. It provides a highly organized way of thin...

Information Technology Security Evaluation Using CERT C Secure Coding Standard

IT products developed without due consideration of security issues have caused many security accidents over the last ten years. As a result, the importance of security in software development is increasing. It is important to ensure that no known vulnerabilities remain in the design, development, and test stage, in order to develop secure IT products. Even when an IT product is designed securel...

Security Deliberations in Software Development Lifecycle

Security is a serious problem in software development which when not taken into consideration, exploits vulnerabilities in software. Such security related problems need to be addressed as early as possible while building software. Security problems exist for many reasons. A major thing is that, software cannot resist security attacks. Software security vulnerabilities are often caused due to th...

Journal title:
  • Information Systems Security

Volume 13  Issue 

Pages  -

Publication date 2004