원문정보
초록
영어
As interests in security increases, several software development lifecycle considering security have been proposed. Actual results of applying software development lifecycle considering security reduced threats have been reported. But to apply software development lifecycle considering security, requires expertise and experiences. In this paper a secure software development lifecycle applying integrated secure guide is proposed. Secure Guides such as Misuse Case, Security Patterns and Secure Coding are integrated in the proposed method. And then, by applying integrated Secure Guide in each software development phase, the security becomes available in every phase of software development. Since, proposed secure guide provides more security information than available secure guides, software developer can use more security information while they are developing software. As a result, it is expected that developers could consider security more easily when developing software even though developers lacks expertise in security or experience.
목차
1. Introduction
2. Related Works
2.1. Secure Software Development Lifecycle
2.2. Misuse Case
2.3. Security Patterns
2.4. Secure Coding
2.5. Penetration Testing
3. Secure Guide Integration
3.1. Misuse Case Integration
3.2. Security Patterns Guide Integration
3.3 Secure Coding Guide Integration
4. Secure Software Development Lifecycle.
4.1. Requirement & Analysis Phase
4.2. Design Phase
4.3. Implementation Phase
4.4. Test Phase
5. Evaluation
5.1. Integrated Misuse Case
5.2. Integrated Security Patterns Guide
5.3. Integrated Secure Coding
6. Conclusion
Acknowledgments
References