Aspects of Enhancing Security in Software Development Life Cycle

Ijca Proceedings on International Conference on Microelectronics Circuits and Systems, 2014

This paper focuses on the security aspects of software. It analyses the various loopholes that can exist in the development of a software or the various damages that can be incorporated by malicious users, and also the remedies that when carefully undertaken can remove the vulnerabilities. This is an overview or study of security problems of different nature and the proper and systematic tackling methodology adopted to eradicate them and thereby also add value to its quality.

2007

Alone we can do so little; together we can do so much.' -Helen Keller-My sincerest gratitude to the following people: · My supervisor, Prof Rossouw von Solms, for his invaluable support and guidance; · My special friend and colleague, Cheryl Schröder, for believing in me and encouraging me every step of the way; · My editorial team, Bron Kaplan and Debbie Box, for their dedication and commitment ; · My family, friends and colleagues, for their everlasting support and understanding.

2020

Secure development process is a procedure taken by developers to ensure the programs developed are following the general security standards and will always be up to date so that the outcomes are well secured and obedient. As a software developer, it is very crucial to implement and develop a highly secured and reliable program for clients and users. In this current digital world where everything is advancing faster than we can ever think of, most of the old security policies can no longer be implemented alone. The consequences and impacts that could be brought upon a company are really huge if the software applications are not secured according to the modern trend. Therefore, in this paper research is done to asses the security integration in software development process. The concept and the purpose of this research is to provide insight about the current issues and challenges faced by most of the software developers in terms of secure software development. With a better and clearer...

International Journal of Emerging Multidisciplinaries: Computer Science & Artificial Intelligence

This research aims to explore optimal strategies for fortified software, enhancing the implementation of secure software development practices. Software security involves crafting and designing software that guarantees the integrity, confidentiality, and availability of its code, data, and functionalities. Often, in prioritizing functionality, security takes a back seat when organizations embark on system development. Yet, it's imperative to embed security at every phase of the Software Development Life Cycle (SDLC). Numerous methodologies and models exist for addressing software security, but only a few substantiate creating secure software applications effectively. Despite advancements, software security remains inadequately addressed, posing a challenge to integrating security protocols into the SDLC seamlessly. This review advocates specific security measures to be integrated at each SDLC level, fostering a secure SDLC. Efficient amalgamation of these processes ensures the d...

Proceedings of the International Conference on Computer Systems and Technologies and Workshop for PhD Students in Computing - CompSysTech '09, 2009

Assurance has been a major topic for critical systems. Assurance is usually associated with safety conditions but has also an important role for checking security requirements. Security is best assured if it is addressed holistically, systematically, and from the very beginning in the software's development process. We propose to integrate assurance and system development by letting the different stages of the system development life-cycle be mapped to the structure of the assurance case.

Integrity, Internal Control and Security in Information Systems, 2002

More and more software is deployed in an environment with wide area network connectivity, in particular with connectivity to the Internet. Software developers are not always aware of the security implications of this connectivity, and hence the software they produce contains a large number of vulnerabilities exploitable by attackers. Statistics show that a limited number of types of vulnerabilities account for the majority of successful attacks on the Internet. Hence, we believe that it is very useful for a software developer to have a deep understanding of these kinds of vulnerabilities, in order to avoid them in new software. In this paper, we present a survey and classification of the most commonly exploited software vulnerabilities.

2004

Abstract: The development and maintenance of network and data security in software systems is done in a late phase of design and coding or during deployment, often in an ad-hoc manner. Network monitoring and recovery, encryption protocols, best practices for combating cyber-crime, or disaster recovery planning are useful methodologies applied to enforce security of a deployed system. Nevertheless these are not enough to protect from attacks directed to software vulnerabilities hidden at design and code level.

Securing software is a never ending process. In this world approximately eighty-fi ve percent persons are connected to each other via PCs, laptops or mobiles. This much of communication and data sharing produces insecurity of information. Hence organizations need for much higher levels of security. Security with less maintenance is their demand. Actually organizations mainly focus on cost eff ective security achievements which is achieved using durable security. Enhancing security via durability is not an easy process but also very complex with some limitations. This research work can be used in durability as a security factor which gives a new methodology for developing secure software. In this article, how durability is achieved is shown, while developing security of software. Developing a quality product will lead to a secure product on which user can trust.

2009 IFIP International Conference on Wireless and Optical Communications Networks, 2009

Today an application is secured using invitro perimeter security. This is the reason for security being considered as nonfunctional requirement in Software Development Life Cycle (SDLC). In Next Generation Internet (NGI), where all applications will be networked, security needs to be in-vivo; security must be functions within the application. Applications running on any device, be it on a mobile or on a fixed platform -need to be security-aware using Securityaware Software Development Life Cycle (SaSDLC), which is the focus of this paper. We also present a tool called Suraksha that comprises of Security Designers' Workbench and Security Testers' Workbench that helps a developer to build Security-aware applications.

The advancement of technology has made the development of software applications become unstoppable. The wide use of software applications has increased the threat to cyber security. The recent pandemic required the organization to adapt and manage new threats and cyberattacks due to the rising number of cybercrime activities all around the digital ecosystem. This situation has led to the importance of ensuring that the software is safe to use. Therefore, software development that emphasizes security aspects in every phase of the software development life cycle (SDLC) should be prioritized and practised to minimize cybersecurity problems. In this study, a document survey be conducted to achieve an understanding of secure software development processes and activities. The source of information is retrieved from different reliable resources of scientific research databases such as IEEE, Science Direct and Google Scholar. Moreover, trusted web resources also be referenced to support ...