Ensuring Secure Software Design Using Secure Design Template Repository

Ensuring software security by designing a project to be secure from its inception is much more efficient and cost effective than securing software after the fact. The concept of secure software design is not new, but is frequently hard to implement without extensive knowledge of software security. T...

Full description

Saved in:
Bibliographic Details
Published in:Michigan academician 2021-01, Vol.47 (3), p.23-23
Main Authors: Panja, Biswajit, Meharia, Priyanka, Soncrant, Josia, Soncrant, Jonathon, Jia, Qian, Eagle, Tyrus
Format: Article
Language:English
Subjects:
Product design
Software
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Ensuring software security by designing a project to be secure from its inception is much more efficient and cost effective than securing software after the fact. The concept of secure software design is not new, but is frequently hard to implement without extensive knowledge of software security. This can be because it is difficult to predict security vulnerabilities if an individual is unfamiliar with all types of potential attacks, or because even if a correct solution is applied it may be implemented incorrectly and thus not fix the vulnerability it is intended to. We propose a Secure Template Repository. This repository would contain abstract templates that describe a system made out of several secure modules. Each module would be tied to either a product or code fragment, secure product, or secure platform such that the predesigned fragments could be implemented within a software project and be assumed secure. This repository could be customized by an individual design team to ensure that a design is secure. This repository would greatly streamline the process of developing secure software and reduce the cost of it's design. Additionally, any defects found within the system, such as vulnerable points to malicious users, wouldn't only be solved for a single program. They'd be solved for every program which implement this process.
ISSN:0026-2005
2167-8634