التفاصيل البيبلوغرافية
| العنوان: |
Mitigating Software Vulnerabilities through Secure Software Development with a Policy-Driven Waterfall Model. |
| المؤلفون: |
Hussain, Shariq, Anwaar, Haris, Sultan, Kashif, Mahmud, Umar, Farooqui, Sherjeel, Karamat, Tehmina, Toure, Ibrahima Kalil |
| المصدر: |
Journal of Engineering (2314-4912); 2/21/2024, Vol. 2024, p1-15, 15p |
| مصطلحات موضوعية: |
COMPUTER security vulnerabilities, COMPUTER software development, COMPUTER software security, WATERFALLS |
| مستخلص: |
For the past few years, software security has become a pressing issue that needs to be addressed during software development. In practice, software security is considered after the deployment of software rather than considered as an initial requirement. This delayed action leads to security vulnerabilities that can be catered for during the early stages of the software development life cycle (SDLC). To safeguard a software product from security vulnerabilities, security must be given equal importance with functional requirements during all phases of SDLC. In this paper, we propose a policy-driven waterfall model (PDWM) for secure software development describing key points related to security aspects in the software development process. The security requirements are the security policies that are considered during all phases of waterfall-based SDLC. A framework of PDWM is presented and applied to the e-travel scenario to ascertain its effectiveness. This scenario is a case of small to medium-sized software development project. The results of case study show that PDWM can identify 33% more security vulnerabilities as compared to other secure software development techniques. [ABSTRACT FROM AUTHOR] |
|
Copyright of Journal of Engineering (2314-4912) is the property of Hindawi Limited and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) |
| قاعدة البيانات: |
Complementary Index |
Full Text Finder