One of the major problems in software security is the lack of security knowledge among software developers. Even if a developer has good knowledge of current software vulnerabilities, they generally have little or no idea of the causes of those vulnerabilities or of the measures that can avoid them. It is now an established fact that most vulnerabilities arise in the design phase of the software development lifecycle. In view of the importance of design-level software security, a study of current software design-level vulnerabilities and their causes is conducted. In this paper, we discuss current practices in specific software design tasks, along with the associated vulnerabilities and mitigation mechanisms. On the basis of this critical review, areas of research that warrant further investigation are identified.