Enhancing software security: A study of simplified secure software development framework (Record no. 531645)
[ view plain ]
| 000 -LEADER | |
|---|---|
| fixed length control field | 02293nam a22001457a 4500 |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION | |
| fixed length control field | 250926b ||||| |||| 00| 0 eng d |
| 100 ## - MAIN ENTRY--PERSONAL NAME | |
| Personal name | Satyanarayana, N., et al |
| 245 ## - TITLE STATEMENT | |
| Title | Enhancing software security: A study of simplified secure software development framework |
| 260 ## - PUBLICATION, DISTRIBUTION, ETC. (IMPRINT) | |
| Place of publication, distribution, etc | ISTM Journal of Training Research and Governance |
| 300 ## - PHYSICAL DESCRIPTION | |
| Extent | 5(2), Jan, 2025: p.65-76 |
| 520 ## - SUMMARY, ETC. | |
| Summary, etc | The world is moving towards digital services and at the same time the attacks and exploitation of software vulnerabilities are also increasing. This situation not only leads to the lack of trust in software quality but also to the loss of business opportunities. Identifying security issues only during the software testing phase often leads to project delays and budget overruns. Focusing on security aspects in every phase of the software development lifecycle is an effective strategy, as it enables software architects, developers, and testers to understand their individual responsibilities within their respective phases while promoting a collaborative approach to addressing security across the entire development process. The objective of this paper is to present a simplified secure software development framework that explains an implementation strategy that can be followed by project teams in developing secure software. Authors have conducted a detailed study of various software vulnerabilities, their impact and root cause of errors and proposed a secure SDLC framework that suggest a methodology called as “P6” (Prepare, Practice, Protect, Produce, Probe, and Process Metrics) as an appropriate strategy to deal with the factors contributing to security concerns effectively. Authors have taken a sample project work that has no security aspects incorporated into it as a case study and incorporated the best practices, standards, tools, techniques and strategies relevant to each phase in-line with the proposed secure SDLC framework. Based on the efforts a set of practices that can be followed has been listed in this article.- Reproduced https://www.istm.gov.in/home/istm_journal/386 |
| 650 ## - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name as entry element | Secure SDLC, Threat analysis, Attack vector reduction techniques, Security metrics |
| 9 (RLIN) | 56951 |
| 773 ## - HOST ITEM ENTRY | |
| Main entry heading | ISTM Journal of Training Research and Governance |
| 942 ## - ADDED ENTRY ELEMENTS (KOHA) | |
| Item type | Articles |
| Withdrawn status | Lost status | Source of classification or shelving scheme | Damaged status | Not for loan | Permanent location | Current location | Date acquired | Serial Enumeration / chronology | Barcode | Date last seen | Koha item type |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Indian Institute of Public Administration | Indian Institute of Public Administration | 2025-09-26 | 5(2), Jan, 2025: p.65-76 | AR137313 | 2025-09-26 | Articles |