Title | A Preliminary Structure of Software Security Assurance Model |
Publication Type | Conference Paper |
Year of Publication | 2018 |
Authors | Khan, R. A., Khan, S. U. |
Conference Name | 2018 IEEE/ACM 13th International Conference on Global Software Engineering (ICGSE) |
Keywords | case study, composability, empirical study, Global Software Development, global software development vendors, GSD vendor organisations, pubcrawl, Scalability, SDLC, secure software, security challenges, security of data, SMS, software assurance, software development life cycle, software development methodologies, software engineering, software security, software security assurance model, software security contributions, SSAM model, systematic literature review, systematic mapping study, Vendors |
Abstract | Software security is an important aspect that needs to be considered during the entire software development life cycle (SDLC). Integrating software security at each phase of the SDLC has become an urgent need. To address software security, various approaches, techniques, methods, practices, and models have been proposed and developed. However, recent research shows that many software development methodologies do not explicitly include methods for incorporating software security during the development of software as it evolves from requirements engineering to its final disposal. The primary objective of this research is to study the state of the art of security in the context of the SDLC by following a systematic mapping study (SMS). In the second phase, we will identify, through a systematic literature review (SLR) and an empirical study in the industry, the software security contributions, security challenges and their practices for global software development (GSD) vendors. The ultimate aim is to develop a Software Security Assurance Model (SSAM) to assist GSD vendor organisations in measuring their readiness towards the development of secure software. |
Citation Key | khan_preliminary_2018 |