DocumentCode
833126
Title
Adopting a software security improvement program
Author
Taylor, D. ; McGraw, Gary
Author_Institution
Cigital
Volume
3
Issue
3
fYear
2005
Firstpage
88
Lastpage
91
Abstract
Leading software shops (including Microsoft) are working hard to improve the way they build security into their products. Software security initiatives have proven beneficial for those organizations that have implemented them. Such initiatives involve the adoption and rollout of various types of best practices. The article describes an approach that works, with an emphasis on business process engineering that might be unfamiliar to technical practitioners. By following some commonsense steps, a software security improvement program has a greater chance of achieving its ultimate goal: software security that makes business sense.
Keywords
business process re-engineering; safety-critical software; security of data; best practices; business process engineering; software security improvement program; software shops; Best practices; Computer security; Cultural differences; Life testing; Privacy; Programming; Risk analysis; Software measurement; Software testing; Software tools; software development life cycle;
fLanguage
English
Journal_Title
Security & Privacy, IEEE
Publisher
ieee
ISSN
1540-7993
Type
jour
DOI
10.1109/MSP.2005.60
Filename
1439511
Link To Document