Advertisement

Why Secure Coding is not Enough: Professionals’ Perspective

  • John Colley

Abstract

This paper outlines basic concepts the software community must consider if they are to develop applications and software that is secure. In particular it explains why the common practice of depending on secure coding mechanisms are not enough. Beginning with the drivers for more secure applications and software, and why it is now becoming such an issue, if not a new issue, it examines the problem in terms of why software and applications are delivered without security built in to them and goes on to discuss what we should be doing about it and how we need to go about it, sharing insights that have recently been accumulated by the new and growing community of Certified Secure Software Development Lifecycle professionals.

Keywords

Security Requirement Security Control Privacy Requirement Secure Software Development Life Cycle 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Paul, Mano CISSP, MCAD, MCSD, Network+, ECSA, Software Assurance Advisor, (ISC) 2 Whitepaper: The Need for Secure Software, (ISC), 2008Google Scholar
  2. Paul, Mano CISSP, MCAD, MCSD, Network+, ECSA, Software Assurance Advisor, (ISC) 2 Whitepaper: Ten Best Practices for Secure Software Development Google Scholar

Copyright information

© Vieweg+Teubner | GWV Fachverlage GmbH 2010

Authors and Affiliations

  • John Colley
    • 1
  1. 1.CISSP, (ISC)2 EMEAUK

Personalised recommendations