Secure Software Development - Annotated Bibliography Example

Secure Software Development These days software is more vulnerable to security based attacks because of boost in connectivity, complexity aswell as extensibility. In this scenario, securing software applications are normally recognized as a post development task plus not much significance is specified to it all through the system development of application. Though organizational losses have increased in pervious few years due to privacy and security based flaws in system. These issues has invited technology based researchers to discover out enhanced methods for the securing and protecting software applications. This research is aimed to assess and analyze some of major areas and aspects regarding “Secure Software Development”. This research will present some of major reasons for the security based issues in software development process. Here I will also present some of major initiatives that we can formulate to develop software application in a much better way. http://www.gosustainable.se/fou/cuppsats.nsf/all/236d8e3848f41ec7c12572d3007d0f61/$file/ahmed_bth_mse_2007_12.pdf Introduction Computer software applications are more and more experiencing both external and internal penetrations. One key idea intended for this is the reality that software applications are yet through development faults that yet make them to be susceptible. This has taken problems regarding security into intelligent focus for the reason those businesses, comprising administrations, reliant mostly on software application for their every day processes. The situation becomes more insightful in situations where software applications are employed intended for dangerous missions. For this reason most of the building security applications are gaining more and more concentration these days. In this scenario, most of companies all through the world in field of security are paying attention to improve and enhance the security of overall technology based systems. As well, because clients (companies) have practiced unlucky security breaches, there is augmented awareness as well as disturbance intended for Secure Software Development. Though, in building security applications, many have to be done. Safety methods have to be applied in the entire the software development stages of software engineering model. In this scenario, Devanbu and Stubblebine (2000) outlined that safety concerns have to inform each stage of system development, from system development requirements elicitation to design, execution, testing as well as application deployment. This is essential for the reason that system developer might naively insert defects in the entire phases of the software development procedure. Devanbu, P. T. & Stubblebine (2000). Software engineering for security: A roadmap. Proceedings of International Conference on Software Engineering (ICSE’ 2000), Special volume on “Future of Software Engineering”, 2000. http://proceedings.informingscience.org/InSITE2006/IISITSodi143.pdf http://www.dtic.mil/dtic/tr/fulltext/u2/a447047.pdf The intention of this research is gather as well as present general idea regarding information about present procedures, standards, frameworks, life cycle models as well as methodologies that facilitate or could support more enhanced and secure software development. Where appropriate and probable, a number of assessment or decision might be offered for specific system development life cycle procedures, models, frameworks as well as methodologies. Literature Review Nowadays, there has been much interest in developing software securely. In this scenario, Pauli and Xu (2005) outlined a threat driven software design of safe information systems. This research has outlined threat modeling by means of exploitation situations as well as stated that the assessments those can be employed in comprehensive system development validation and design of software applications. Wilander and Gustavsson (2005) stated that security needs are usually inadequately stated because of 3 things: discrepancy in the level of features, inconsistency in the assortment of system working needs and approximately no quality based standard on the system development requirements on a number of safety based solutions. The outcome of the research outlined that software development security mostly taken as practical feature composed of security characteristics for example system backup, login and system access control management. They outlined that stated that system development requirement on systems through declaration actions are left out. Devanbu and Stubblebine (2000) highlighted that systems development plus security engineering have to be incorporated so as to have a more and effectively protected software applications. While 2 research article on software development security by Mead and McGraw (2003) and Ghosh, Howell, and Whittacker (2002) as well highlighted the requirement to develop software solution more securely from the ground. Different from stating plus emphasizing the safety requirements of software development system, a lot of technology based researchers have in fact projected techniques intended for enhancing software security. One technique is knows as the correctness-by-construction presented by Praxis Critical Systems Limited (Hall & Rod, 2004). This technique functions on the standards that errors should not be present in the initial stages as well as that issues should be removed as close as probable to the point they are initiated. The technique as well includes standard details to denote design components and system by means of analyses and review intended for accuracy and constancy. Hall and Rod (2004) stated that correctness by correction technique developed faults densities ranging from 0.04-0.75 issues/thousand lines of system/software code. One more technique intended for attaining safe applications is the Cleanroom (Linger & Stacy, 2004). Clean room includes software development methodology known as functional based system development specification, incremental development as well as accuracy confirmation, design plus statistical testing. Redwine and Davis (2004) stated that general system development performance of clean-room as varying from 0.1 errors per Kilos of Lines of Codes by means of complete system to 0.4 errors Kilos of Lines of Codes by means of limited application. CMMs or Capability Maturity Models have as well been employed as system development process models to direct businesses in enhancing the potential to carry out a particular procedure. An instance of security associated Capability Maturity Model is SSE-CMM or Systems Security CMM that was outlined in Hefner (1997). Golderson and Gibson (2003) outlined that Capability Maturity Models have as well facilitated in the general decline in implementation and design defects of software applications. Analogous to Capability Maturity Model is threat modeling. Threat-modeling is employed to examine possible threat to software development so as to direct against security based penetrations or attacks. The value of software development threat modeling has verified in a number of earlier researches (Mogilevsky, Lee, & Yurcik, 2005; Myagmar, Lee, & Yurcik 2005). Graphs or attack trees have as well been employed in assessing what security actions to install in a system (Schneir, Lippman, & Wing, 2002; Sheyner & Wing, 2004). Though, attack trees model for a chosen set of attacks by means of a finite-state-machine as well as practicable simply in small situations. They as well necessitate compiling a list of possible dangers previous to generating attack trees. The experiential working of both security based threat modeling as well as attack trees are not willingly accessible. Another technique intended for enhancing safety of software is the SEI’s TSP or Team Software Process (Davis & Mullaney, 2003). The procedure includes the idea of handling and removing requirement, implementation and design issues throughout system development lifecycle, managing plus assessment of procedure, as well as making use of analytical procedures of removing issues. It is evident from the literature that software applications are yet having defects (however negligible in a number of situations). The reality is that a security based attacker simply requires discovering one security fault to compromise the entire system. It is consequently significant to develop and design completely error-free systems for the reason that the insinuation of an issues or bug in system might be disastrous as well as outcomes in loss of huge amounts of money. http://proceedings.informingscience.org/InSITE2006/IISITSodi143.pdf Davis, N. & Mullaney, J. (2003). The team software process in practice: A summary of recent results. Technical Report CMU/SEI-TR-014, September. Devanbu, P. T. & Stubblebine (2000). Software engineering for security: A roadmap. Proceedings of International Conference on Software Engineering (ICSE’ 2000), Special volume on “Future of Software Engineering”, 2000. Ghosh, A. K., Howell, C. & Whittacker, J. A. (2002). Building software securely from ground up. IEEE Software magazine, January/February. Goldenson, D. R. & Gibson, D. L. (2003). Demonstrating the impact and benefits of CMMI. Special Report CMU/SEI-2003-SR-009. The Software Engineering Institute, Carnegie Mellon University. Hall, A & Rod, C. (2004). Correctness-by-construction. Paper written for Cyber Security Taskforce Subgroup on Software Process, January. Hefner, R. (1997). Lesson learned with the systems security engineering capability model. Proceedings of the Conference on Software Engineering, Boston, Massachusetts, USA. Linger, R. & Stacy, P. (2004). Developing secure software with Cleanroom software engineering. Paper prepared for Cyber Security Summit Task Force Subgroup on Software Process, February. Mead, N. R. & McGraw, G. (2003). From the ground up: The DIMACS software security workshop. IEEE Security and Privacy, March/April. Mogilevsky, D., Lee, A. J. & Yurcik, W. (2005). Defining a comprehensive threat model for high performance computational clusters. ACM Computing Research Repository (CoRR), Technical Report cs.CR/0510046, October 16, 2005. Retrieved from http://www.ncassr.org/projects/threatmodeling/mogilevskyCorr05-threatmodel.pdf Myagmar, S., Lee, A. J. & Yurcik, W. (2005). Threat modeling as a basis for security requirements. Symposium on Requirements Engineering for Information Security (SREIS) in conjunction with 13th IEEE International Requirements Engineering Conference (RE), Paris, France, August 29. Pauli, J. & Xu, D. (2004). Threat-driven architectural design on secure information systems. Presented at the International Conference on Enterprise Information System, Miami, Florida, USA. Redwine, S. T. & Davis, N. (2004). Processes to produce secure software. National Cyber Security Summit, March. Schneir, J. H., Lippman, J. R. & Wing, J. (2002). Automated generation and analysis of attack graphs. Proceeding of IEEE Symposium on Security and Privacy, April. Sheyner, O. & Wing, J. (2004). Tools for generating and analysing attack graphs. Proceeding of Formal Methods for Components and Objects. Wilander, J. & Gustavsson, J. (2005). Security requirements – A field study of current practice. Presented at the Symposium on Requirement Engineering for Information Security (SREIS’ 2005), Paris, France. The development of secure software This section will assess and analyze the some of major aspects regarding the secure development of software. As stated previously, the method through which software is developed as well as the precise method employed are extremely significant to develop secure software systems. Initially, the software development methodology is significant. It is stresses highly in all security specification researches about the worth of data and information encapsulation and hiding. This specifies that the OO method is to be chosen over a traditional procedural software development method. The major initiative in the planned methodology is that software security standards those should be implemented at each software development phase plus that every phase is able to checked intended for fulfillment by those standards. Here below I will outline how can we implement a more secure software development approach a software development process. Here this research will outline some of major security management initiatives for whole software development lifecycle. Requirements stage: In case of security management we need to develop such use cases those are able to describe the necessary interactions by the system. Through such kind of use cases we will be able to decide the desirable rights intended for every actor to enter the system as well as therefore implement a need-to-know strategy [3]. Yet actors can communicate to functions; this is able to be taken as a RBAC or Role Based Access Control model. Note that the group of the entire use cases describes the entire the exercises of the system as well as from the entire the use cases we are able to decide every rights designed for every user role. We are able to then judge probable attacks in the circumstance of such kind of use-cases. Analysis stage: In case of secure software engineering; the analysis patterns are able to be employed to construct the theoretical model in a more dependable plus well-organized way. We are able to develop a conceptual model where frequent functions of the Authorization outlines understand the rights assessed from use cases. Actually, analysis patterns are able to be constructed by means of previously described authorizations as or the roles in their use cases. This formulate the job of describing rights yet more easier. Design stage: For the sake of secure software development, user interfaces have to communicate to use cases. Interfaces are able to be protected and secured through implementing once more the more enhanced Authorization pattern. Safe interfaces implements authorizations when clients interact by the system. Ultimately, system operational are able to be protected through making use of JAAS rules defined according to the agreement policy intended for Java components or by means of .NET application for .NET components. Building diagrams is able to describe safe configurations to be employed through security administrators. Here a multilayer arrangement is required at the present to implement the security controls described at the application level. In every level we make use of patterns to demonstrate suitable security methods. Implementation stage: This phase requires reflecting in the software code the security policy described intended for the application. For the reason that these policies are articulated as associations, classes as well as constraints, they are able to be applied as extra classes. We as well require choosing specific security packages, for example a cryptographic or firewall package. At the end of every phase we need to perform reviews to confirm that the organization policies are being applied. If essential, the security restrictions can be formulated more exact through making use of Object Constraint Language instead of textual restrictions. Patterns intended for security models describe the maximum level. At every lower level we implement the model patterns to allocate methods that implement these models. In this method we are able to describe patterns intended for file systems, J2EE components, web documents, etc. We are able to as well assess of a novel or obtainable system by means of patterns. Patterns facilitate to recognize the need for security structure of every part to permit their composition as well as describe protected interfaces. If a software application does not include a suitable pattern then it is not able to be facilitating the equivalent secure method or model. We are able to merge dissimilar kinds of patterns to obtain dissimilar quality and functionality. For instance, unites connection patterns and RBAC, filter. http://uran.donetsk.ua/~masters/2009/fvti/ugnichenko/library/EFLVSecSysDes1.pdf Why Vendors Create More Secure Software Enhancing the application security should be a very important for a vendor to sell our software. It is reality important for a number of users for pure cost of implementing security based updates formulates it worth obtaining privacy, security as well as reliability right untimely in the procedure rather than placing the burden on our clients to implement updates. The objective of developing more safe and secure applications and minimizing client pain is why Microsoft has implemented SDL. It is not free of cost. It costs money, time as well as effort to apply new and more secure technology based arrangements. However the open advantages far balance the cost of reviews, building plus testing new application security updates, plus encompassing clients deploy the updates. Microsoft corporation has established numerous censure in the past regarding the uncertainty of a number of its technology based products, plus this censure was a main aspect in the corporate promise to enhance its application development procedures. Read More