DocumentCode :
2138399
Title :
An integrated approach to security in software development methodologies
Author :
Raman, Abhay ; Muegge, Steven
Author_Institution :
Dept. of Syst. & Comput. Eng., Carleton Univ., Ottawa, ON
fYear :
2008
fDate :
4-7 May 2008
Abstract :
Software today is critical in every domain of society and business and it is paramount that this software be secure. Traditionally, the disciplines of software engineering and security engineering have worked in separate silos, and when system requirements conflict with retrofitted security mechanisms, vulnerabilities result. We argue that security engineering and software engineering can be addressed together, and we propose an integrated model that aligns and entwines these processes. We present insights from applying this secure software engineering model in a software development project, and discuss implications for further research in secure software engineering.
Keywords :
security of data; software engineering; security engineering; software development methodologies; software engineering; Decision support systems; Programming; Security; Applications; Methodology; Security; Software Development; Threat Modeling;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Electrical and Computer Engineering, 2008. CCECE 2008. Canadian Conference on
Conference_Location :
Niagara Falls, ON
ISSN :
0840-7789
Print_ISBN :
978-1-4244-1642-4
Electronic_ISBN :
0840-7789
Type :
conf
DOI :
10.1109/CCECE.2008.4564898
Filename :
4564898
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2138399
بازگشت