期刊名称:International Journal of Security and Its Applications
印刷版ISSN:1738-9976
出版年度:2016
卷号:10
期号:6
页码:145-154
DOI:10.14257/ijsia.2016.10.6.15
出版社:SERSC
摘要:As interests in security increases, several software development lifecycle considering security have been proposed. Actual results of applying software development lifecycle considering security reduced threats have been reported. But to apply software development lifecycle considering security, requires expertise and experiences. In this paper a secure software development lifecycle applying integrated secure guide is proposed. Secure Guides such as Misuse Case, Security Patterns and Secure Coding are integrated in the proposed method. And then, by applying integrated Secure Guide in each software development phase, the security becomes available in every phase of software development. Since, proposed secure guide provides more security information than available secure guides, software developer can use more security information while they are developing software. As a result, it is expected that developers could consider security more easily when developing software even though developers lacks expertise in security or experience.