We apologize for a recent technical issue with our email system, which temporarily affected account activations. Accounts have now been activated. Authors may proceed with paper submissions. PhDFocusTM
CFP last date
20 December 2024
Reseach Article

Multilevel Security Spiral (MSS) Model: NOVEL Approach

by Shams Tabrez Siddiqui, Hatem S A Hamatta, M. U. Bokhari
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 65 - Number 20
Year of Publication: 2013
Authors: Shams Tabrez Siddiqui, Hatem S A Hamatta, M. U. Bokhari
10.5120/11040-6328

Shams Tabrez Siddiqui, Hatem S A Hamatta, M. U. Bokhari . Multilevel Security Spiral (MSS) Model: NOVEL Approach. International Journal of Computer Applications. 65, 20 ( March 2013), 15-20. DOI=10.5120/11040-6328

@article{ 10.5120/11040-6328,
author = { Shams Tabrez Siddiqui, Hatem S A Hamatta, M. U. Bokhari },
title = { Multilevel Security Spiral (MSS) Model: NOVEL Approach },
journal = { International Journal of Computer Applications },
issue_date = { March 2013 },
volume = { 65 },
number = { 20 },
month = { March },
year = { 2013 },
issn = { 0975-8887 },
pages = { 15-20 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume65/number20/11040-6328/ },
doi = { 10.5120/11040-6328 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:19:21.445731+05:30
%A Shams Tabrez Siddiqui
%A Hatem S A Hamatta
%A M. U. Bokhari
%T Multilevel Security Spiral (MSS) Model: NOVEL Approach
%J International Journal of Computer Applications
%@ 0975-8887
%V 65
%N 20
%P 15-20
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

In software system development, security is a very crucial issue and is the demand of time in this connected world. But often engineers think after software development. Security should be given higher priority in software development life cycle. Considering security from early stages of life indicates good research and development. This paper mainly focuses on security activities involve in developing secure software's. Identifying security risks and managing those risks based on spiral model. A new spiral model with Multilevel Security Spiral (MSS) has been proposed with security activities.

References
  1. G. McGraw, "Managing Software Security Risks",IEEE Security & Privacy, Volume 2, Issue 2, Mar- Apr 2004, Page(s): 80-83.
  2. M. I. Daud,"Secure Software Development Model: A Guide for Secure Software Life Cycle", Proceedings of the international MultiConference of Engineers and Computer Scientists 2010, Hong Kong.
  3. P. Jalote, "An Integrated Approach to software Engineering" 2nd Edn, Springer,1997.
  4. Guttom Sindre, Andreas L. Opdahl, "Eliciting Security Requirements by Misuse Cases", IEEE Explore, 2000.
  5. H. M. Shirazi, "A new model for secure software development", Int J. Intellig. Inform, Technol. Appl, 2009.
  6. Algirdas Avi_zienis, Fellow, IEEE, Jean-Claude Laprie, Brian Randell, and Carl Landwehr, "Basic Concept and Taxonomy of Dependable and Secure Computing", IEEE Transactions on Dependable and Secure Computing, Vol. 1,No. 1, January-March 2004.
  7. Steve Lipner, Michael Howard, "The Trustworthy computing Security Development Lifecycle", Microsoft Corporation. March 2005.
  8. Daljit kaur, Parminder kaur and Hardeep Singh, "Secure Spiral: A Secure Software development Model", Journal of Software Engineering 6(1): 10-15, 2012.
  9. Michael Howard and David LeBlanc, "Writing Secure Code", Second Edition, Microsoft Press, 2002.
  10. Kenneth R, "Bridging the Gap between Software Development and Information Security", Security & Privacy Magazine, IEEE, volume 3, issue 5, Sep- Oct, 2005, Page(s):75-79.
  11. Elfriede Dustin, "The Secure Software Development Lifecycle", Dev Source (sponsored by Microsoft), 2006.
  12. Bruce Potter, "Software Security Testing", IEEE Security & Privacy Magazine, volume 2, issue 5, Sep-Oct, 2004, Page(s) 81-85.
  13. Barry W. Boehm, "A Spiral Model of Software Development and Enhancement", TRW Defense Systems Group. Volume 21, Issue-5, 1988
  14. J. Whittaker, "Why Secure Applications Are Difficult to write", IEEE Security & Privacy Magazine, volume 1, issue 2, 2003, Page(s) 81-83.
  15. H. H. Thompson, "Why Security Testing is Hard", IEEE Security & Privacy, vol. 1, no. 4, 2003, pp. 83–86.
  16. Michael Howard, "A Process of Performing Security Code Reviews", Security & Privacy Magazine, IEEE, volume 4, issue 4, Jul- Aug, 2006, Page(s): 74-79.
  17. M. U. Bokhari and Shams T. Siddiqui, "A Comparative study of software requirements tools for secure software Development" BVICAM'S International Journal of IT(BIJIT), 2010.
  18. G. McGraw, "Adopting an Enterprise Software Security Framework", Security & Privacy Magazine, IEEE, volume 4, issue 2, Mar-Apr, 2006, Page(s): 84-87.
  19. A. S Sodiya, S. A. Onashoga, and O. B. Ajayi, "Towards Building Secure Software Systems", Volume 3, 2006.
  20. Len Bass, Paul Clements, and Rick Kazman, "Software Architecture in Practice",Second Edition. Addison Wesley 2003.
  21. Asoke K Talukder, "Security-aware Software Developemnt Life Cycle(SaSDLC)- Processes and Tools", IWOCON 2009, Cairo,Egypt, 28-30 April 2009.
  22. Gunar Peterson, "Collboration in Secure Development Process, Part 2", Information Security Bullettin, Volume 9, Page 210, June 2004.
  23. Michael Howard, "A Look Inside the Security Development Lifecycle at Microsoft", MSDN Magazine, November 2005.
  24. M. U. Bokhari and Shams T. Siddiqui, "Metrics for Requirement Engineering and Automated Requirement Tools", Proceedings of the 5th National Conference; INDIACom-2011, New Delhi.
  25. K. Hans, "Cutting edge practices for secure software engineering. Int. J. Comput Sci Security", 2010 4: 403-408.
  26. Peter Eeles, Senior IT Architect, IBM, "What is software architecture", 15th Feb 2006.
  27. Michael Howard, "Mitigate Security Risks by Minimizing the Code You Expose to Untrusted Users". MSDN Magazine, November 2004.
  28. M. U. Bokhari, Shams T. Siddiqui and Hatem S. A. Hamatta ," Object Oriented Software Security in Design Phase", IJCST Vol. 3, Issue 4, Oct- Dec 2012.
  29. William tozier. com, "Notional Slurry | Pontification without all the gritty gravitas - Bill Tozier's".
  30. Nabil Mohammed Ali Munassar and A. Govardhan, "A Comparison between Five Models of Software Engineering", International Journal of Computer Science Issues, Vol. 7, Issue 5, September 2010.
  31. Zeepedia. com, Online book . Com [Online]. See on link, http://www. zeepedia. com/read. php?spiral_model_determine_objectives_alternatives_and_constraints_prototyping_information_systems&b=14&c=21.
  32. Reed Sorensen, "A Comparison of Software Development Methodologies" , Software Technology Support Center, 1995.
Index Terms

Computer Science
Information Sciences

Keywords

Software security risks multilevel security spiral software development life cycle