|
PROJECT DETAIL
ABOUT THE PROJECT:
Security is a crucial issue for all organization. Security of business processes is success key of an enterprise. Therefore, organizations are continuously increasing their resources to protect their business process against malevolent approaches and security threats.
Software Security estimation is required to access performance and the degree of protection. Undesirable threats, takes advantage of hardware and software weaknesses or vulnerabilities can impact the violation and breakdown of availability, integrity, confidentiality and no repudiation as well as other aspects of software security such as authentication, privacy and encryption.
Security team can collaborate during design phase to make software secure. During design phase software is extremely malleable phase. At the end of software development to implementing security increases the complexity and cost of making changes. Security should be integrated and treated on a par with other system properties. Using the concept of software security estimation during the development of software, security can be measured by analyzing the design activities. Measurement of security attributes and its impact on software, security team may improve/ control software security. This will affect the performance and quality of software.
Quantitative analysis of software security at early stage enables the evaluation and assessment of security and provides the basis for assessment of security technologies. Quantification of security will help to dissolve tradeoffs between security goal and cost. Such a practice may prove to be highly fruitful for many reasons including:
» It reduces the cost of change, as late identification of software and mitigation of vulnerability are much more costly than earlier one.
» It helps in better security monitoring of software under development.
» It assists software practitioners in empirical refinement of the process.
» It reduces efforts in producing secure software.
Therefore, there is need to develop a mechanism to quantitatively estimate software security in design phase of development life cycle. A study on development of a mechanism to quantify software security early in the development life cycle is proposed under the aegis of the problem entitled "Quantifying Security in Early Stage of Development Life Cycle-An Object Oriented Software Perspective".
OBJECTIVE OF PROJECT:
This project is aimed to explore the possibilities for developing a methodology to estimate software security in early stage of software development life cycle in order to optimize the security assurance effort at overall level. Basic idea is to quantify security at design phase Of SDLC and fix the problems at earliest without any delay. In order to achieve the most generic goals of working out a prescriptive framework for quantifying software security in design phase, following objectives were set forth:
» To review and critically examine the literature on software security, security model, quantification approach, and available metrics.
» To develop a viable and prescriptive framework for measuring software security at early stage of software development life cycle.
» To validate and test the proposed framework.
» To develop an object oriented security estimation model to be used at design phase.
» To validate the proposed model.
|
