A qualitative evaluation of model-based security activities for software development
Abstract
Most of the reoccurring types of security problems can be solved by known mitigations in most software products, preferably as early as possible during development. Representing mitigation knowledge in the form of reusable security models will help developers in improving software security and learning from past mistakes. This paper explains six model-based security activities that can be integrated with most existing development processes, along with the methods and results of a qualitative evaluation involving software developers from the industry. The evaluation includes semi-structured interviews and questionnaires based on the Technology Acceptance Model (TAM).
Similar resources
Mapping of McGraw Cycle to RUP Methodology for Secure Software Developing
Designing a secure software is one of the major phases in developing a robust software. The McGraw life cycle, as one of the well-known software security development approaches, implements different touch points as a collection of software security practices. Each touch point includes explicit instructions for applying security in terms of design, coding, measurement, and maintenance of softwar...
Evaluation of The Enterprise Architecture at The Sports and Youth General Directorate of Mazandaran Province and Designing the Model
The aim of this study was to investigate the enterprise architecture (EA) of the status quo at the Sports and Youth General Directorate (SYGD) of Mazandaran Province in order to design a model of the desirable situation. The research method was applied in terms of objectives and descriptive-survey based on quantitative and qualitative analysis using documentary and Delphi methods. The stat...
Designing a model for holding mega sport events with an emphasis on national brand development
The present study seeks a model for holding major sporting events with an emphasis on national brand development. The research method is a mixture of qualitative and quantitative. In the quantitative part, the statistical population, including professors and sports activists, and the statistical sample was done by stratified random sampling. Adequate number for modeling in pls software was 300 ...
Quantitative evaluation of software security: an approach based on UML/SecAM and evidence theory
Quantitative and model-based prediction of security in the architecture design stage facilitates early detection of design faults hence reducing modification costs in subsequent stages of software life cycle. However, an important question arises with respect to the accuracy of input parameters. In practice, security parameters can rarely be estimated accurately due to the lack of sufficient kn...
Designing and Assessment Succession Management Model In The Institute For The Intellectual Development Of Children And Young Adults
Abstract The purpose of this study was to Designing and Assessment Succession Management Model of managers in The Intellectual Development Of Children And Young Adults. This research was of Mixed Method and exploratory type. In the qualitative part, by using the case and exploratory study method, the dimensions and components of the succession were identified and in the quantitative part, the...
Publication date: 2009