Title :
Software Security in Practice
Author :
Chess, Brian ; Arkin, Brad
Abstract :
This department is about building software with security in mind. Since it began in 2004, it has focused on the kinds of activities that constitute a secure development life cycle. As of today, we're broadening that charter to include all the essential ingredients of a sustained software security initiative. Instead of focusing on one turn of the crank that yields one new piece of software, we'll consider the ongoing organizational commitments necessary to facilitate secure software development.
Keywords :
industrial property; life cycle costing; software development management; secure software development life cycle; software security; Computer security; Electronic mail; Product life cycle management; Programming; Standards organizations; BSIMM; Building Security In Maturity Model; software development; software security; software security group; software security touchpoints;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2011.40