Incorporating Security into Software Development Process

被引：0

作者：

Yoshioka, R. ^{[1
]}

Watanobe, Y. ^{[1
]}

Mirenkov, N. ^{[1
]}

机构：

[1] Univ Aizu, Aizu Wakamatsu, Fukushima, Japan

来源：

NEW TRENDS IN SOFTWARE METHODOLOGIES, TOOLS AND TECHNIQUES | 2008年 / 182卷

关键词：

D O I：

10.3233/978-1-58603-916-5-99

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

A general scheme of software development process is considered and some aspects related to integrating security into this scheme are analyzed. In particular, semantic-based, defense-in-depth techniques embedded into system/component defense shields and data acquiring/monitoring kernels are considered. The defense shields are to semantically check data of every input before a software component may process them and also to check every output before sending it to other components. The kernels are to regularly perform semantic analysis of the internal status and local data of a component/system. Based on these two ideas, real-time discovery of Vulnerabilities and threats is possible even when various protective measures, such as, passwords, firewalls, intrusion detection systems, access control lists, etc. have been breached. Existing programming systems and possible new methods to realize the shields and kernels are also considered.

引用

页码：99 / 109

页数：11

共 50 条

[21] Integrating security design into the software development process for e-commerce systems
Chan, M.T., 2001, Emerald Group Publishing Ltd. (09): : 2 - 3
[22] Software Support for Common Criteria Security Development Process on the Example of a Data Diode
Rogowski, Dariusz
PROCEEDINGS OF THE NINTH INTERNATIONAL CONFERENCE ON DEPENDABILITY AND COMPLEX SYSTEMS DEPCOS-RELCOMEX, 2014, 286 : 363 - 372
[23] Cost Benefit Analysis of Incorporating Security and Evaluation of Its Effects on Various Phases of Agile Software Development
Kumar, Sushil
Kaur, Avinash
Jolly, Ashish
Baz, Mohammed
Cheikhrouhou, Omar
MATHEMATICAL PROBLEMS IN ENGINEERING, 2021, 2021
[24] Incorporating software process in an undergraduate software engineering curriculum: Challenges and rewards
Suri, D
Sebern, MJ
17TH CONFERENCE ON SOFTWARE ENGINEERING EDUCATION AND TRAINING, PROCEEDINGS, 2004, : 18 - 23
[25] Security Assurance Model of Software Development for Global Software Development Vendors
Khan, Rafiq Ahmad
Khan, Siffat Ullah
Alzahrani, Musaad
Ilyas, Muhammad
IEEE ACCESS, 2022, 10 : 58458 - 58487
[26] Economic Impact of Software Security Activities in Software Development
Chehrazi, Golriz
2013 INTERNATIONAL CONFERENCE ON RISKS AND SECURITY OF INTERNET AND SYSTEMS (CRISIS), 2013,
[27] Incorporating a disciplined software development process in to introductory computer science programming courses: Initial results
Towhidnejad, M
Salimi, A
FRONTIERS IN EDUCATION FIE'96 - 26TH ANNUAL CONFERENCE, PROCEEDINGS, VOLS 1-3: TECHNOLOGY-BASED RE-ENGINEERING ENGINEERING EDUCATION, 1996, : 497 - 500
[28] Incorporating Usability Evaluation in Software Development Environments
Humayoun, Shah Rukh
KUNSTLICHE INTELLIGENZ, 2012, 26 (02): : 197 - 200
[29] Incorporating Usability Evaluation in Software Development Environments
Shah Rukh Humayoun
KI - Künstliche Intelligenz, 2012, 26 (2) : 197 - 200
[30] Incorporating security requirements engineering into the Rational Unified Process
Mead, Nancy R.
Viswanathan, Venkatesh
Zhan, Justin
PROCEEDINGS OF THE SECOND INTERNATIONAL CONFERENCE ON INFORMATION SECURITY AND ASSURANCE, 2008, : 537 - 542

← 1 2 3 4 5 →