{"title":"软件安全的最佳实践:概述","authors":"A. Yasar, D. Preuveneers, Y. Berbers, G. Bhatti","doi":"10.1109/INMIC.2008.4777730","DOIUrl":null,"url":null,"abstract":"With the growth of software flaws there is a rise in the demand of security embedding to achieve the goal of secure software development in a more efficient manner. Different practices are in use to keep the software intact. These practices also meant to be scrutinized for better results on the basis of the level of security, efficiency and complexity they are providing. It may also be weighted on the basis of Confidentiality, Integrity and Availability (CIA). Software security is a step by step procedure which can not be achieved just at a specific level but it should be taken into account from the beginning of the Software Development Life Cycle (SDLC). In this paper, we have taken into account some of the best practices for secure software development and categorized them based on the phases in software development lifecycle. The results enable us to draw a clear picture of the best practices in software development which will enable a developer to follow them on a particular SDLC phase.","PeriodicalId":112530,"journal":{"name":"2008 IEEE International Multitopic Conference","volume":"44 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"14","resultStr":"{\"title\":\"Best practices for software security: An overview\",\"authors\":\"A. Yasar, D. Preuveneers, Y. Berbers, G. Bhatti\",\"doi\":\"10.1109/INMIC.2008.4777730\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the growth of software flaws there is a rise in the demand of security embedding to achieve the goal of secure software development in a more efficient manner. Different practices are in use to keep the software intact. These practices also meant to be scrutinized for better results on the basis of the level of security, efficiency and complexity they are providing. It may also be weighted on the basis of Confidentiality, Integrity and Availability (CIA). Software security is a step by step procedure which can not be achieved just at a specific level but it should be taken into account from the beginning of the Software Development Life Cycle (SDLC). In this paper, we have taken into account some of the best practices for secure software development and categorized them based on the phases in software development lifecycle. The results enable us to draw a clear picture of the best practices in software development which will enable a developer to follow them on a particular SDLC phase.\",\"PeriodicalId\":112530,\"journal\":{\"name\":\"2008 IEEE International Multitopic Conference\",\"volume\":\"44 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"14\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 IEEE International Multitopic Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/INMIC.2008.4777730\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 IEEE International Multitopic Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INMIC.2008.4777730","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
With the growth of software flaws there is a rise in the demand of security embedding to achieve the goal of secure software development in a more efficient manner. Different practices are in use to keep the software intact. These practices also meant to be scrutinized for better results on the basis of the level of security, efficiency and complexity they are providing. It may also be weighted on the basis of Confidentiality, Integrity and Availability (CIA). Software security is a step by step procedure which can not be achieved just at a specific level but it should be taken into account from the beginning of the Software Development Life Cycle (SDLC). In this paper, we have taken into account some of the best practices for secure software development and categorized them based on the phases in software development lifecycle. The results enable us to draw a clear picture of the best practices in software development which will enable a developer to follow them on a particular SDLC phase.