Sciweavers

DEXAW
2008
IEEE

Incorporating Database Systems into a Secure Software Development Methodology

14 years 2 months ago
Incorporating Database Systems into a Secure Software Development Methodology
We have proposed in the past three separate methodologies for secure software development. We have found that they have many common and complementary aspects and we proposed a combination of them that appears as a good approach to secure software development. The combined methodology applies security at all stages, considers the architectural levels of the system, applies security policies through the use of patterns, and formalizes some portions of the design. We have studied in some detail how to elicit and describe security requirements, how to reflect these requirements in the conceptual model, how to estimate some performance aspects, how to formalize some aspects such as communication protocols, and how to map the conceptual requirements into design artifacts. A design aspect which we have not studied is the incorporation of databases as part of the secure architecture. The database system is a fundamental aspect for security because it stores the persistent information, which c...
Eduardo B. Fernández, Jan Jürjens, Nob
Added 19 Oct 2010
Updated 19 Oct 2010
Type Conference
Year 2008
Where DEXAW
Authors Eduardo B. Fernández, Jan Jürjens, Nobukazu Yoshioka, Hironori Washizaki
Comments (0)