Research Article

Improved Security Evaluation of the Software by using PSSS based Security Analyzer

by Surkhab Shelly, Anil Kumar
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 99 - Number 3
Year of Publication: 2014
10.5120/17354-7855

Surkhab Shelly, Anil Kumar. Improved Security Evaluation of the Software by using PSSS based Security Analyzer. International Journal of Computer Applications. 99, 3 (August 2014), 34-40. DOI=10.5120/17354-7855

@article{ 10.5120/17354-7855,
author = { Surkhab Shelly, Anil Kumar },
title = { Improved Security Evaluation of the Software by using PSSS based Security Analyzer },
journal = { International Journal of Computer Applications },
issue_date = { August 2014 },
volume = { 99 },
number = { 3 },
month = { August },
year = { 2014 },
issn = { 0975-8887 },
pages = { 34-40 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume99/number3/17354-7855/ },
doi = { 10.5120/17354-7855 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

After analysing three security processes (CLASP, SDL and PSSS), PSSS was selected as the security approach for developing a secure project because of its advantages over the other two security processes. The most important objective of the PSSS security process is to improve the effectiveness of software security projects. The overall objective of this paper is to evaluate the security of the given software and return a security report that allows programmers to take action based on the outcomes. The main objective of this dissertation is to develop a secure application using the PSSS process; a further objective is to integrate each activity of each PSSS phase into each phase of software development. This paper initiates the security process by establishing a security engineering approach consisting of security activities that form a process to support the development of more secure software. The security model has been validated by developing a security report through analysis. Thus, one can make a product more secure by rewriting and replacing some security threats in a secure manner.

Index Terms

Computer Science
Information Sciences

Keywords

PSSS MODEL SECURITY AND SDLC CLASP SDL ISO SSE-CCM