DocumentCode
2138399
Title
An integrated approach to security in software development methodologies
Author
Raman, Abhay ; Muegge, Steven
Author_Institution
Dept. of Syst. & Comput. Eng., Carleton Univ., Ottawa, ON
fYear
2008
fDate
4-7 May 2008
Abstract
Software today is critical in every domain of society and business and it is paramount that this software be secure. Traditionally, the disciplines of software engineering and security engineering have worked in separate silos, and when system requirements conflict with retrofitted security mechanisms, vulnerabilities result. We argue that security engineering and software engineering can be addressed together, and we propose an integrated model that aligns and entwines these processes. We present insights from applying this secure software engineering model in a software development project, and discuss implications for further research in secure software engineering.
Keywords
security of data; software engineering; security engineering; software development methodologies; software engineering; Decision support systems; Programming; Security; Applications; Methodology; Security; Software Development; Threat Modeling;
fLanguage
English
Publisher
ieee
Conference_Titel
Electrical and Computer Engineering, 2008. CCECE 2008. Canadian Conference on
Conference_Location
Niagara Falls, ON
ISSN
0840-7789
Print_ISBN
978-1-4244-1642-4
Electronic_ISBN
0840-7789
Type
conf
DOI
10.1109/CCECE.2008.4564898
Filename
4564898
Link To Document