The Trustworthy Computing Security Development Lifecycle

Author

  • Steven B. Lipner
Abstract

This paper discusses the Trustworthy Computing Security Development Lifecycle (or simply the SDL), a process that Microsoft has adopted for the development of software that needs to withstand malicious attack. The process encompasses the addition of a series of security-focused activities and deliverables to each of the phases of Microsoft's software development process. These activities and deliverables include the development of threat models during software design, the use of static analysis code-scanning tools during implementation, and the conduct of code reviews and security testing during a focused "security push". Before software subject to the SDL can be released, it must undergo a Final Security Review by a team independent from its development group. When compared to software that has not been subject to the SDL, software that has undergone the SDL has experienced a significantly reduced rate of external discovery of security vulnerabilities. This paper describes the SDL and discusses experience with its implementation across a range of Microsoft software.


Related papers

Building More Secure Commercial Software: The Trustworthy Computing Security Development Lifecycle

With the growth of the Internet as a vehicle for commercial, governmental, and personal communications and information sharing, the importance of providing trustworthy computing facilities that will resist hostile attack has grown dramatically. In response to this growing need, Microsoft has developed the Trustworthy Computing Security Development Lifecycle (SDL), an integrated process for impr...


Data Integrity in Cloud Computing Security

Cloud computing requires comprehensive security solutions based upon many aspects of a large and loosely integrated system. The application software and databases in cloud computing are moved to the centralized large data centers, where the management of the data and services may not be fully trustworthy. Threats, vulnerabilities and risks for cloud computing are explained, and then, we have de...


Security and Trust Issues in Semantic Grids

Grid computing allows sharing of services and resources across institutions. However, current Grid security mechanisms for authentication and authorization are too rigid and they lack the ability to determine how “trustworthy” the result obtained from a specific provider is likely to be. This paper describes the different facets associated to Trust and identifies the need for Trust Management ...


Support for situation awareness in trustworthy ubiquitous computing application software

Due to the dynamic and ephemeral nature of ubiquitous computing (ubicomp) environments, it is especially important that the application software in ubicomp environments is trustworthy. In order to have trustworthy application software in ubicomp environments, situation-awareness (SAW) in the application software is needed for enforcing flexible security policies and detecting violations of secu...


A component-based development process for trustworthy systems

This paper introduces a new process for a rigorous component-centered development of trustworthy systems. The rationale for our perspective of the process is two-fold. The activities prescribed in a conventional software engineering development process are neither suitable nor sufficient for developing component-based systems. Component-based development methods that are currently practised do ...




Publication date: 2004