Meta-Modeling Based Secure Software Development Processes

Meta-Modeling Based Secure Software Development Processes

Mehrez Essafi (RIADI Laboratory, National School for Computer Science Studies, University of Manouba, Tunis, Tunisia) and Henda Ben Ghezala (RIADI Laboratory, National School for Computer Science Studies, University of Manouba, Tunis, Tunisia)
Copyright: © 2014 |Pages: 19
DOI: 10.4018/ijsse.2014070104
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

This work suggests a multilevel support to software developers, who often lack knowledge and skills on how to proceed to develop secure software. In fact, developing software with such quality is a hard and complex task that involves many additional security-dedicated activities which are usually omitted in traditional software development lifecycles or integrated but not efficiently and appropriately deployed in some others. To federate all these software security-assurance activities in a structured way and provide the required guidelines for choosing and using them in a flexible development process, authors used meta-modeling techniques and dynamic process execution that consider developer's affinities and product's states. The proposed approach formalizes existing secure software development processes, allows integration of new ones, prevents ad-hoc executions and is supported by a tool to facilitate its deployment. A case study is given here to exemplify the proposed approach application and to illustrate some of its advantages.
Article Preview

According to, McGraw’s book (2006), “The software security field is a relatively new one. The first book and academic class on the topic appeared in 2001(Viega & McGraw 2001), demonstrating how recent developers, architects and computer scientists have started systematically studying how to build secure software. The field’s recent appearance is one reason why best practices are neither widely adopted nor obvious” (pp. 94).

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 8: 4 Issues (2017): 2 Released, 2 Forthcoming
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing