We apologize for a recent technical issue with our email system, which temporarily affected account activations. Accounts have now been activated. Authors may proceed with paper submissions. PhDFocusTM
CFP last date
20 November 2024
Call for Paper
December Edition
IJCA solicits high quality original research papers for the upcoming December edition of the journal. The last date of research paper submission is 20 November 2024

Submit your paper
Know more
Reseach Article

Security Engineering towards Building a Secure Software

by Mohammad Nazmul Alam, Subhra Prosun Paul, Shahrin Chowdhury
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 81 - Number 6
Year of Publication: 2013
Authors: Mohammad Nazmul Alam, Subhra Prosun Paul, Shahrin Chowdhury
10.5120/14017-2170

Mohammad Nazmul Alam, Subhra Prosun Paul, Shahrin Chowdhury . Security Engineering towards Building a Secure Software. International Journal of Computer Applications. 81, 6 ( November 2013), 32-37. DOI=10.5120/14017-2170

@article{ 10.5120/14017-2170,
author = { Mohammad Nazmul Alam, Subhra Prosun Paul, Shahrin Chowdhury },
title = { Security Engineering towards Building a Secure Software },
journal = { International Journal of Computer Applications },
issue_date = { November 2013 },
volume = { 81 },
number = { 6 },
month = { November },
year = { 2013 },
issn = { 0975-8887 },
pages = { 32-37 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume81/number6/14017-2170/ },
doi = { 10.5120/14017-2170 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:55:23.009268+05:30
%A Mohammad Nazmul Alam
%A Subhra Prosun Paul
%A Shahrin Chowdhury
%T Security Engineering towards Building a Secure Software
%J International Journal of Computer Applications
%@ 0975-8887
%V 81
%N 6
%P 32-37
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Information Systems Security is one of the most critical challenges presently facing nearly every one of the organizations. However, making certain security and quality in both information and the systems which control information is a difficult goal necessitating the mixture of two wide research disciplines which are typically separate: security engineering and secure software engineering. Security engineering has an extensive history, and has focused generally on providing advances in security models, techniques and protocols, but it remains in a steady state of the development. Secure software engineering, however, has emerged relatively recently, but is growing quickly and is paying attention on the integration of security into software engineering techniques; models and processes, in order to build up more secure information systems. In the study of security engineering, security described as the protection from harm. It presented the principles of security, the number of security mechanisms and the risk analysis to identify the risk. In the study of secure software engineering, it has been identified a number of challenges that need to establish for developing the secure software system. We also investigated a number of methods and languages that is modeling the security into software systems.

References
  1. Premkumar T. Devanbu, Software Engineering for Security: a Roadmap, University of California, Davis, CA, USA 95616, 2000.
  2. A. Jacobsson, Privacy and Security in Internet-based Information Systems, Bleking Institute of technology, Sweden, Doctoral Dissertation Series No. 2008:02, 2008.
  3. H. Mouratidis and P. Giorgini (eds), Integrating Security and Software Engineering: Advances and Future Vision, Idea group, IGI Publishing Group, 2006.
  4. R. Anderson, Security Engineering-A Guide to Building Dependable Distributed Systems, John Wiley & Sons, New York, NY. 2001
  5. M. Bishop, Introduction to computer Security, Addison Wesley, Boston, MA, 2004.
  6. M. Chapple, the GSEC Prep Guide: Mastering SANS GIAC Security Essentials, John Wiley & Sons, New York, NY, 2003.
  7. D. Golmann, Computer Security, Second edition, Jhon Wiley & Sons, New York, NY, 2001.
  8. R. G. Smith, Authentication: From Password to public keys, Addison Wesley Proffesional, Boston, MA, 2002
  9. P. L Bernstein, Against the Gods-The remarkable Story of Risk, Jhon Wiley & Sons, Inc. , New York, NY, 1998.
  10. T. R. Peltier, Information security Risk Analysis, Second edition,Auerbach publications, Boca Ranton,FL,2005.
  11. Ivan Victor Krsul, Software Vulnerability Analysis, PhD thesis, submitted to the Faculty of Purdue University, May 1998.
  12. Front Line Defenders : http://www. frontlinedefenders. org [Acc. 21 Sep 2013]
  13. N. R. Mead, Identifying security requirement engineering using of the security quality requirement engineering (SQUARE) method chapter iii, Integrating security and software engineering, Advances and future vision, idea group publishing, 2006.
  14. E. Yu, et al. A social ontology for integrating security and software engineeringchapter iv, Integrating security and software engineering,Advances and future vision, idea group publishing,2006.
  15. F. B. Fernandez, et al. A Methodology to develop secure systems using patterns, sectionII, chapterv, Integrating security and software engineering, Advances and future vision, idea group publishing, 2006
  16. M. Weissecurity pattern using NFR analysis, chapter disintegrating security and software engineering, Advances and future vision, idea group publishing,2006.
  17. M. siponen, et al. Extending security in agile software development methods section iii, chapter vi, Integrating security and software engineering, Advances and future vision, idea group publishing, 2006.
  18. H. Mouratidis, et al. Modelling security and trust with secure tropos chapter viii, Integrating security and software engineering, Advances and future vision, idea group publishing, 2006.
  19. M. Koch, et al. Access control specification in UMLchapter x, Integrating security and software engineering, Advances and future vision, idea group publishing, 2006.
  20. TorstenLodderstedt, David Basin, and Jürgen Doser, SecureUML: A UML-Based Modeling Language for Model-Driven Security, Institute for Computer Science, University of Freiburg, Germany, 2001
  21. Brose,G. ,Access control management system in distributed object systems, PhD Thesis,FreieUniversitat Berlin,2001
  22. DušanŠimšík, AlenaGalajdová, ZlaticaDolná, Jana Andrejková ,The Ambient Intelligent and the assistive technologies for elderly, visually and hearing impaired users in Slovakia Technical University of Košice, Faculty of Mechanical Engineering, Department of Instrumental and Biomedical Engineering, Letná 9, 042 00, Košice, Slovak republic,2007
  23. Antonio Maña. (et al). Security engineering for Ambient Intelligence: A Manifesto, 2003
  24. A. Mana, et al . Security engineering for ambient intelligent: A Manifesto chapter xi, Integrating security and software engineering, Advances and future vision, idea group publishing,2006.
  25. K. Ducatel, M. Bogdanowicz, F. Scapolo, J. Leijten& J-C. Burgelman, Scenarios for Ambient Intelligent in 2010, 2001
  26. Eric Filiol, Portable Document Format Security Analysis and malware Threats, Army Signals Academy-Virology and Cryptology Laboratory, France, 2008.
Index Terms

Computer Science
Information Sciences

Keywords

Security Engineering Secure Software Engineering Threat Risk Vulnerabilities.