Software Security Engineering: Design and Applications

Muthu Ramachandran from Leeds Metropolitan University, UK has recently published a book entitled, Software Security Engineering: Design and Applications. The author claims that the book provides systematic approaches to engineering, building and assuring software security throughout software lifecycle, software security based requirements engineering, design for software security, software security implementation, best practice guideline on developing software security, test for software security, and quality validation for software security. The book uses UML 2.0 for modelling and design examples. A running case study called Qbay (Quality-Bay auction system) has been used throughout the book in all chapters. It also provides some insights into software requirements engineering for security, current issues in software security, and to show how to build secure applications with appropriate selection of principles and process. Its aim is to provide concise and good practice design guidelines on software security which are expected to benefit practitioners, researchers, learners, and educators. This book provides software security best practices that practitioners and researchers can use in their everyday life. This book has been divided into three parts. Part 1 dedicates to Software Security Requirements Engineering & Management in order to provide overview of techniques and methods on software security requirements engineering, software security modelling, interrelated concepts of knowledge engineering, software security engineering with software product line engineering which is unique approach supporting SPL, software security assurance and its management aspects including how social engineering concepts can be used to elicit software security requirements. This part also provides a comprehensive guide to SSE process, taxonomies, threat analysis using Microsoft SDL tool. Part 2 discusses topics such as design for security, component based design for software security, best practice development guidelines, Software Security Engineering: Design and Applications