Security Engineering towards Building a Secure Software

Information Systems Security is one of the most critical challenges presently facing nearly every one of the organizations. However, making certain security and quality in both information and the systems which control information is a difficult goal necessitating the mixture of two wide research disciplines which are typically separate: security engineering and secure software engineering. Security engineering has an extensive history, and has focused generally on providing advances in security models, techniques and protocols, but it remains in a steady state of the development. Secure software engineering, however, has emerged relatively recently, but is growing quickly and is paying attention on the integration of security into software engineering techniques; models and processes, in order to build up more secure information systems. In the study of security engineering, security described as the protection from harm. It presented the principles of security, the number of security mechanisms and the risk analysis to identify the risk. In the study of secure software engineering, it has been identified a number of challenges that need to establish for developing the secure software system. We also investigated a number of methods and languages that is modeling the security into software systems.