학술논문
An integrated approach to security in software development methodologies
Document Type
Conference
Author
Source
2008 Canadian Conference on Electrical and Computer Engineering Electrical and Computer Engineering, 2008. CCECE 2008. Canadian Conference on. :002011-002014 May, 2008
Subject
Language
ISSN
0840-7789
Abstract
Software today is critical in every domain of society and business and it is paramount that this software be secure. Traditionally, the disciplines of software engineering and security engineering have worked in separate silos, and when system requirements conflict with retrofitted security mechanisms, vulnerabilities result. We argue that security engineering and software engineering can be addressed together, and we propose an integrated model that aligns and entwines these processes. We present insights from applying this secure software engineering model in a software development project, and discuss implications for further research in secure software engineering.