Mitigating Software Vulnerabilities through Secure Software Development with a Policy-Driven Waterfall Model-Reference-Cited by-同舟云学术

Mitigating Software Vulnerabilities through Secure Software Development with a Policy-Driven Waterfall Model

Published:2024-02-21 Issue: Volume:2024 Page:1-15
ISSN:2314-4912
Container-title:Journal of Engineering
language:en
Short-container-title:Journal of Engineering

Author:

Hussain Shariq¹^ORCID,Anwaar Haris²^ORCID,Sultan Kashif³^ORCID,Mahmud Umar¹^ORCID,Farooqui Sherjeel¹^ORCID,Karamat Tehmina¹^ORCID,Toure Ibrahima Kalil⁴^ORCID

Affiliation:

1. Department of Software Engineering, Foundation University Islamabad (FUI), Islamabad, Pakistan

2. Department of Electrical, Electronics and Telecommunication Engineering, University of Engineering and Technology, Lahore, Pakistan

3. Department of Software Engineering, Bahria University Islamabad, Islamabad, Pakistan

4. Department of Computer Science, Gamal Abdel Nasser University, Conakry, Guinea

Abstract

For the past few years, software security has become a pressing issue that needs to be addressed during software development. In practice, software security is considered after the deployment of software rather than considered as an initial requirement. This delayed action leads to security vulnerabilities that can be catered for during the early stages of the software development life cycle (SDLC). To safeguard a software product from security vulnerabilities, security must be given equal importance with functional requirements during all phases of SDLC. In this paper, we propose a policy-driven waterfall model (PDWM) for secure software development describing key points related to security aspects in the software development process. The security requirements are the security policies that are considered during all phases of waterfall-based SDLC. A framework of PDWM is presented and applied to the e-travel scenario to ascertain its effectiveness. This scenario is a case of small to medium-sized software development project. The results of case study show that PDWM can identify 33% more security vulnerabilities as compared to other secure software development techniques.

Publisher

Hindawi Limited

Link

http://downloads.hindawi.com/journals/je/2024/9962691.pdf

Reference69 articles.

1. The Real Cost of Software Errors

2. Building secure software: better than protecting bad software

3. Realizing IoE for smart service delivery: case of museum tour guide;U. Mahmud,2020

4. A Distributed Emergency Vehicle Transit System Using Artificial Intelligence of Things (DEVeTS-AIoT)

5. Car e-talk: an IoT-enabled cloud-assisted smart fleet maintenance system;S. Hussain;Institute of Electrical and Electronics Engineers Internet of Things Journal,2020

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Security Considerations in Generative AI for Web Applications;Advances in Information Security, Privacy, and Ethics;2024-07-26