Software, Attacker and Asset-centric Approach for Improving Security in System Development Process

TL;DR

This paper explores a comprehensive approach that centers on software, attackers, and assets to enhance security throughout the software development lifecycle, addressing modern security challenges.

Contribution

It introduces a novel integrated framework focusing on security considerations for software, attackers, and assets during development, aiming to improve security practices.

Findings

Identifies current security challenges in software development.

Proposes methodologies for integrating security at all development phases.

Highlights the importance of continuous security updates and modern policies.

Abstract

Secure development process is a procedure taken by developers to ensure the programs developed are following the general security standards and will always be up to date so that the outcomes are well secured and obedient. As a software developer, it is very crucial to implement and develop a highly secured and reliable program for clients and users. In this current digital world where everything is advancing faster than we can ever think of, most of the old security policies can no longer be implemented alone. The consequences and impacts that could be brought upon a company are really huge if the software applications are not secured according to the modern trend. Therefore, in this paper research is done to asses the security integration in software development process. The concept and the purpose of this research is to provide insight about the current issues and challenges faced by most of the software developers in terms of secure software development. With a better and clearer explanation of these issues, challenges, and methodologies adopted to overcome them are discussed which can potentially provide a better and higher level of security along with better software programmers and client relationship. To comply with future demands and threats, security concerns need to be involved in all phases while developing a software system. Therefore, an effort is made to investigate and contribute to this domain through this paper.