Cutting Edge Practices for Secure Software Engineering
Kanchan Hans
Pages - 403 - 408     |    Revised - 30-08-2010     |    Published - 30-10-2010
Volume - 4   Issue - 4    |    Publication Date - October 2010
Secure Software Engineering, Security vulnerabilities, risk analysis
Security has become a high-priority issue in software engineering, but it is generally treated as an afterthought: security features are implemented after the whole software has been engineered. This paper argues that security should be implemented right from the inception of the software and planned for each phase of the SDLC. The paper also gives recommendations for implementing security at each phase of the software life cycle. If each phase of software engineering includes the appropriate security analysis, defenses and countermeasures, it will definitely result in more robust and reliable software.
Mr. Kanchan Hans
- India
