Secure Software Development Model
نویسنده
چکیده
--Extreme programming (XP) is a modern approach for iterative development of software in which you never wait for the complete requirements and start development. Security is usually unnoticed during early phases of software life cycle. In this paper, our main objective is to focus on security requirements at each phase of software life cycle. In this regard, XP is a key solution that provides us with a guide with the ease to recheck our security requirements, if they are unnoticed at any step of software life cycle. Based on XP technique, a new model has been designed that focuses on the concept of iterative development of secure software. In addition, this paper is a guide for developers to develop secure software as most of the software developers are not trained for software security. Index Terms ---Software Security, Software Life cycle, Extreme Programming (XP)
منابع مشابه
Mapping of McGraw Cycle to RUP Methodology for Secure Software Developing
Designing a secure software is one of the major phases in developing a robust software. The McGraw life cycle, as one of the well-known software security development approaches, implements different touch points as a collection of software security practices. Each touch point includes explicit instructions for applying security in terms of design, coding, measurement, and maintenance of softwar...
متن کاملTowards Building Secure Software Systems
Software security breaches are now very extremely common and a larger percentage is caused by software design defects. Since individuals and organizations now completely depend on software systems for their day-to-day operations, it is then important to produce secure software products. This paper discusses the problems of producing secure software products and provides a model for improving so...
متن کاملCommon Criteria as a Secure Software Development Model
Standards, models, frameworks and guidelines have been developed for secure software development such as such as Common Criteria, SSE-CMM, Microsoft SDL, OpenSAMM. Current standards and models provide guidance for particular areas such as threat modelling, risk management, secure coding, security testing, verification, patch management, configuration management etc. But there is not a generally...
متن کاملSecure Software Education: A Contextual Model-Based Approach
This article establishes a context for secure information systems development as well as a set of models used to develop and apply a secure software production pedagogy. A generic system model is presented to support the system context development, and to provide a framework for discussing security relationships that exist between and among information systems and their applications. An asset p...
متن کاملAn extensive systematic review on the Model-Driven Development of secure systems
Context: Model-Driven Security (MDS) is as a specialised Model-Driven Engineering research area for supporting the development of secure systems. Over a decade of research onMDS has resulted in a large number
متن کاملTowards a Systematic Development of Secure Systems
In this paper we outline a new process model for security engineering. This process model extends object oriented, use case driven software development by the systematic treatment of security related issues. We introduce the notion of security aspects describing security relevant requirements and measures at a certain level of abstraction. We define a micro-process for security analysis support...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2009