Implementation of Secure Software Design and their impact on Application

Ahmad, Zia; Asif, Muhammad; Shahid, Muhammad; Rauf, Adeel

doi:10.5120/21261-3355

Cited by 4 publications

(5 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Vulnerabilities associated with the system may be reduced to a minimum level during the SDLC. It may not be possible to eliminate vulnerability, but it might be reduced to a minimum level if security is treated as an ongoing process . Therefore, this research looks at the software development process as a whole, from the perspective of each development phase (SDLC), and seeks to determine important secure measures that must be employed at each phase to ensure highly secure products.…”

Section: Introductionmentioning

confidence: 99%

“…In many cases, it is only considered after the design of the system is completed or when a significant issue must be addressed. Currently, no software development processes or practices exist that consistently produce secure software . Therefore, it is recommended that developers adopt practices that can reduce software defects and, as a result, minimize any potential risk because of the lack of security attention during the process.…”

Section: Introductionmentioning

confidence: 99%

“…In addition, detailed information about the usage of secure software is rarely published. One important area, as noted by Ahmad et al ., , Arbain et al ., , and Devanbu and Stubblebine in more than a decade ago, is that focused on the non‐functional requirements of software security, are not well defined in software security research. The area place emphasizes on effective design and the use of policies and a framework for security requirements, to sufficiently address software security concerns in various software development projects.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

The practice of secure software development in SDLC: an investigation through existing model and a case study

Karim

Albuolayan

Saba

et al. 2016

Security Comm Networks

View full text Add to dashboard Cite

Software security is an essential requirement for software systems. However, recent investigation indicates that many software development methodologies do not explicitly include methods for incorporating information security into the software development life cycles (SDLC). This research investigates, using case study, the methodologies being used in software development in Saudi Arabia and describes a model for integrating security into the SDLC. The aim is to identify the appropriate means of introducing security measures much earlier in the SDLC. This model is designed to be an extension to the existing SDLC. For achieving the research objectives and answering the research questions, the research followed a case study research design in an information‐based organization. The research identified various important elements as security standards, policies, processes being practiced, and tools used within SDLC projects. In this regard, recommendations and verification were gathered to elicit the actual activities that are appropriate to be conducted at each phase of SDLC. The non‐functional security requirements were also found, to the use of fortify and hp alm for source code review and web application testing. Copyright © 2016 John Wiley & Sons, Ltd.

show abstract

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

The practice of secure software development in SDLC: an investigation through existing model and a case study

Karim

Albuolayan

Saba

et al. 2016

Security Comm Networks

View full text Add to dashboard Cite

show abstract

“…To reduce accidental addition of vulnerability Secure Design Pattern (SDP) are used. Secure Strategy Design Pattern (SSDP) and Secure Builder Design Pattern (SBDP) were introduced and implemented in a web application [2]. SSDP is actually addition in working of Strategy design pattern and SBDP is extension in Builder design pattern.…”

Section: Related Workmentioning

confidence: 99%

“…Attackers cause problems by exploiting vulnerabilities in code [1]. Vulnerability is also known as a fault in the security of an information system that some time may be known or unknown [2]. Vulnerability is simply a design flaw or an implementation bug that allows a potential attack on the software in some way [1].…”

Section: Introductionmentioning

confidence: 99%

Design Pattern and Security Influence on Application Development

Ahmad¹,

Rauf²,

Asghar³

2016

IJCA

Self Cite

View full text Add to dashboard Cite

It"s common among developers when they start coding for an application, a specific design pattern not found in the road map of development and it becomes a vulnerable point to exploit. Applications developed without design pattern difficult to change and understand. It is possible to reduce vulnerability at minimum level and it results in the reduction of maintenance cost. An application was developed for this paper using design patterns, two pages visitor information page and school member verification form were build using Factory design pattern and Interpreter design patter. SFDP and SIDP are the two secured design patterns proposed for making application secure and more reliable than before using encryption-decryption hashing algorithm encoding scheme. The points expressed in proposed model clearly explain the expected vulnerable points. A secure design will keep application more reliable and available as it was before.

show abstract