مرکز منطقه ای اطلاع رساني علوم و فناوري - Defining Misuse within the Development Process

DocumentCode :

842799

Title :

Defining Misuse within the Development Process

Author :

Petersen, G. ; Steven, John

Author_Institution :

Arctec Group

Volume :

Issue :

fYear :

2006

Firstpage :

Lastpage :

Abstract :

The software development industry often brings in security at the eleventh hour, right before developers throw the code over the wall--that is, deploy it into production--and ask, "Well, is it secure?" At this point, hilarity--for the objective observers, anyhow--ensues as security personnel work feverishly to shove crypto, firewalls, and all the other mechanisms at their disposal into the most egregious risk areas. This article describes how to create useful misuse cases within the development process, thus avoiding the headaches that can arise toward the end of the cycle.

Keywords :

Authentication; Authorization; Computer aided software engineering; Computer architecture; Computer security; Data security; Databases; Feedback; Internet; Privacy; misuse cases; software development life cycle; use cases;

fLanguage :

English

Journal_Title :

Security & Privacy, IEEE

Publisher :

ieee

ISSN :

1540-7993

Type :

jour

DOI :

A98FC045-3592-4BC4-8594-082A27164F7C

Filename :

4020242

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=842799