Case Study: Secure Web Development

Case Study: Secure Web Development

Daljit Kaur (Lyallpur Khalsa College, India) and Parminder Kaur (Guru Nanak Dev University, India)
DOI: 10.4018/978-1-4666-2958-5.ch014
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

This chapter is an effort to develop secure web applications based on known vulnerabilities. It has been seen that in the rapid race of developing web applications in minimum time and budget, security is given the least importance, and a consequence of which is that web applications are developed and hosted with a number of vulnerabilities in them. In this race, one thing is constant that attackers take advantage of weaknesses existing in technology for financial gain and theft of intellectual property. In this proposed method of secure web development, most common vulnerabilities and their occurrence in development process is discussed. Mapping vulnerabilities to the actions needed to take during development process may help developers to understand vulnerability and avoid vulnerabilities in application.
Chapter Preview
Top

There are existing processes, standards, life cycle models, frameworks, and methodologies that support or could support secure software development. Security Development Lifecycle (SDL), which focuses on producing secure software, is a software assurance methodology and tool that aims at assisting software developers, designers, builders, and educators in improving the security of software production. SDL prescribes activities to embed security into applications and supplies the foundation for a broad software security assurance that extends across an IT enterprise (FOR), (Hajar and Salman, 2011). The SDL introduces security and privacy throughout all phases of the development process. SDL includes five phases: Training, policy, and organizational capabilities, Requirements and design, Implementation, Verification, and Release and response. It includes mandatory security activities executed as part of a software development process.

Complete Chapter List

Search this Book:
Reset