Showing 1–5 of 5 results for author: Fatima-tuz-Zahra

Importance of Secure Software Development Processes and Tools for Developers

Authors: Muhammad Danish Roshaidie, William Pang Han Liang, Calvin Goh Kai Jun, Kok Hong Yew, Fatima-tuz-Zahra

Abstract: In this research paper of secure software systems, authors have discussed what the proper development process is when it comes to creating a secure software, which will be suited for developers and relevent stakeholders alike. Secure Software Development Process for Developers is of crucial importance for software engineers as more and more software-based devices are becoming commonly available, a… ▽ More In this research paper of secure software systems, authors have discussed what the proper development process is when it comes to creating a secure software, which will be suited for developers and relevent stakeholders alike. Secure Software Development Process for Developers is of crucial importance for software engineers as more and more software-based devices are becoming commonly available, and cloud services are evolving which require for the software to be constantly connected to the internet. With this in mind, Secure Software Development needs to be transformed to something most developers can rely upon to make applied software safe and have the capability to mitigate against potential attacks by hackers. Furthermore, in this paper, existing Secure Software Development Process ideas and implementations are reviewed and investigated using the research paper pool available online. Thereafter, an approach is proposed to enhance the security aspect in software development process to resolve security issues. Lastly, the paper concludes with final remarks on practical implementation of security features in software development phases for production of secure and reliable software programs and systems. △ Less

Submitted 30 December, 2020; originally announced December 2020.

Implementation of Security Features in Software Development Phases

Authors: Ariessa Davaindran Lingham, Nelson Tang Kwong Kin, Chen Wan **g, Chong Heng Loong, Fatima-tuz-Zahra

Abstract: Security holds an important role in a software. Most people are not aware of the significance of security in software system and tend to assume that they will be fine without security in their software systems. However, the lack of security features causes to expose all the vulnerabilities possible to the public. This provides opportunities for the attackers to perform dangerous activities to the… ▽ More Security holds an important role in a software. Most people are not aware of the significance of security in software system and tend to assume that they will be fine without security in their software systems. However, the lack of security features causes to expose all the vulnerabilities possible to the public. This provides opportunities for the attackers to perform dangerous activities to the vulnerable insecure systems. This is the reason why many organizations are reported for being victims of system security attacks. In order to achieve the security requirement, developers must take time to study so that they truly understand the consequences and importance of security. Hence, this paper is written to discuss how secure software development can be performed. To reach the goal of this paper, relevant researches have been reviewed. Multiple case study papers have been studied to find out the answers to how the vulnerabilities are identified, how to eliminate them, when to implement security features, why do we implement them. Finally, the paper is concluded with final remarks on implementation of security features during software development process. It is expected that this paper will be a contribution towards the aforementioned software security domain which is often ignored during practical application. △ Less

Submitted 24 December, 2020; originally announced December 2020.

Software, Attacker and Asset-centric Approach for Improving Security in System Development Process

Authors: Abdul Hadi bin Abdul Rahman, Abdullah Nazir, Kim Tae Hyun, Tan Horng Yarng, Fatima-tuz-Zahra

Abstract: Secure development process is a procedure taken by developers to ensure the programs developed are following the general security standards and will always be up to date so that the outcomes are well secured and obedient. As a software developer, it is very crucial to implement and develop a highly secured and reliable program for clients and users. In this current digital world where everything i… ▽ More Secure development process is a procedure taken by developers to ensure the programs developed are following the general security standards and will always be up to date so that the outcomes are well secured and obedient. As a software developer, it is very crucial to implement and develop a highly secured and reliable program for clients and users. In this current digital world where everything is advancing faster than we can ever think of, most of the old security policies can no longer be implemented alone. The consequences and impacts that could be brought upon a company are really huge if the software applications are not secured according to the modern trend. Therefore, in this paper research is done to asses the security integration in software development process. The concept and the purpose of this research is to provide insight about the current issues and challenges faced by most of the software developers in terms of secure software development. With a better and clearer explanation of these issues, challenges, and methodologies adopted to overcome them are discussed which can potentially provide a better and higher level of security along with better software programmers and client relationship. To comply with future demands and threats, security concerns need to be involved in all phases while develo** a software system. Therefore, an effort is made to investigate and contribute to this domain through this paper. △ Less

Submitted 20 December, 2020; originally announced December 2020.

Risk Assessment, Threat Modeling and Security Testing in SDLC

Authors: Alya Hannah Ahmad Kamal, Caryn Chuah Yi Yen, Gan Jia Hui, Pang Sze Ling, Fatima-tuz-Zahra

Abstract: The software development process is considered as one of the key guidelines in the creation of said software and this approach is necessary for providing a more efficient yet satisfactory output. Without separation of work into distinct stages, it may lead to many delays and inefficiency of the project process where this disorganization can directly affect the product quality and reliability. More… ▽ More The software development process is considered as one of the key guidelines in the creation of said software and this approach is necessary for providing a more efficient yet satisfactory output. Without separation of work into distinct stages, it may lead to many delays and inefficiency of the project process where this disorganization can directly affect the product quality and reliability. Moreover, with this methodology established as the standard for any project, there are bound to be missteps specifically in regard to the involvement of security due to the lack of awareness. Therefore, the aim of this research is to identify and elaborate the findings and understanding of the security integrated into the process of software development as well as the related individual roles in ensuring that this security is maintained. Through thorough analysis and review of literature, an effort has been made through this paper to showcase the correct processes and ways for securing the software development process. At the same time, certain issues that pertain to this subject have been discussed together with proposing appropriate solutions. Furthermore, in depth discussion is carried out regarding methods such as security testing, risk assessment, threat modeling and other techniques that are able to create a more secure environment and systematic approach in a software development process. △ Less

Submitted 13 December, 2020; originally announced December 2020.

Integration of Security Modules in Software Development Lifecycle Phases

Authors: Isaac Chin Eian, Lim Ka Yong, Majesty Yeap Xiao Li, Noor Affan Bin Noor Hasmaddi, Fatima-tuz-Zahra

Abstract: Information protection is becoming a focal point for designing, creating and implementing software applications within highly integrated technology environments. The use of a safe coding technique in the software development process is required by many industrial IT security standards and policies. Despite current cyber protection measures and best practices, vulnerabilities still remain strong an… ▽ More Information protection is becoming a focal point for designing, creating and implementing software applications within highly integrated technology environments. The use of a safe coding technique in the software development process is required by many industrial IT security standards and policies. Despite current cyber protection measures and best practices, vulnerabilities still remain strong and become a huge threat to every developed software. It is crucial to understand the position of secure software development for security management, which is affected by causes such as human security-related factors. Although developers are often held accountable for security vulnerabilities, in reality, many problems often grow from a lack of organizational support during development tasks to handle security. While abstract safe coding guidelines are generally recognized, there are limited low-level secure coding guidelines for various programming languages. A good technique is required to standardize these guidelines for software developers. The goal of this paper is to address this gap by providing software designers and developers with direction by identifying a set of secure software development guidelines. Additionally, an overview of criteria for selection of safe coding guidelines is performed along with investigation of appropriate awareness methods for secure coding. △ Less

Submitted 10 December, 2020; originally announced December 2020.