Security engineering and the application life cycle

Authors: Michael Dunner, Srinath Vasireddy, John Meier, Blaine Wastell

Keywords: Security through obscurity, Security engineering, Software engineering, Systems engineering, Security service, Software security assurance, Computer security model, Application security, Security testing, Security information and event management, Engineering

Abstract: A novel approach to security engineering that leverages expertise to enable a user to design, build and deploy secure applications is disclosed. In doing so, the innovation discloses techniques and mechanisms to integrate security into the application development lifecycle and to adapt current software practices and methodologies to include specific security-related activities. These activities include identifying objectives, creating threat models, applying design guidelines, patterns and principles, conducting inspections, performing regular code testing for security, and deployment inspections to ensure configuration.
