Home | | Information Management | The Nature of Software Development

Chapter: Security in Computing : Program Security

The Nature of Software Development

Software development is often considered a solitary effort; a programmer sits with a specification or design and grinds out line after line of code.

The Nature of Software Development

 

Software development is often considered a solitary effort; a programmer sits with a specification or design and grinds out line after line of code. But in fact, software development is a collaborative effort, involving people with different skill sets who combine their expertise to produce a working product. Development requires people who can

 

·      specify the system, by capturing the requirements and building a model of how the system should work from the users' point of view

 

·      design the system, by proposing a solution to the problem described by the requirements and building a model of the solution

 

·      implement the system, by using the design as a blueprint for building a working solution

 

·      test the system, to ensure that it meets the requirements and implements the solution as called for in the design

 

·      review the system at various stages, to make sure that the end products are consistent with the specification and design models

 

·      document the system, so that users can be trained and supported

 

·      manage the system, to estimate what resources will be needed for development and to track when the system will be done

 

·      maintain the system, tracking problems found, changes needed, and changes made, and evaluating their effects on overall quality and functionality

 

One person could do all these things. But more often than not, a team of developers works together to perform these tasks. Sometimes a team member does more than one activity; a tester can take part in a requirements review, for example, or an implementer can write documentation. Each team is different, and team dynamics play a large role in the team's success.

 

Keep in mind the kinds of sophisticated attacks described in the previous section. Balfanz  reminds us that we must design systems that are both secure and usable, recommending these points:

 

·      You can't retrofit usable security.

 

·      Tools aren't solutions.

 

·      Mind the upper layers.

 

·      Keep the customers satisfied.

 

·      Think locally; act locally.

 

We can examine product and process to see how both contribute to quality and in particular to security as an aspect of quality. Let us begin with the product, to get a sense of how we recognize high-quality secure software.

 

Study Material, Lecturing Notes, Assignment, Reference, Wiki description explanation, brief detail
Security in Computing : Program Security : The Nature of Software Development |

Related Topics

Information Management
Anna University - All Subjects
Anna University IT - All Subjects
Engineering - All Subjects
Information Technology Engineering - All Subjects
Security in Computing : Program Security
Program Security
Secure Programs
Nonmalicious Program Errors
Viruses and Other Malicious Code
Nonmalicious Flaws Cause Failures
Why Worry About Malicious Code?
Kinds of Malicious Code
Rapidly Approaching Zero
How Viruses Attach
How Viruses Gain Control
Homes for Viruses
Virus Signatures
The Source of Viruses
Prevention of Virus Infection
Truths and Misconceptions About Viruses
First Example of Malicious Code: The Brain Virus
Example: The Internet Worm
More Malicious Code: Code Red
Malicious Code on the Web: Web Bugs
Is the Cure Worse Than the Disease?
Trapdoors - Targeted Malicious Code: Examples, Causes
Salami Attack
Rootkits and the Sony XCP
Privilege Escalation
Interface Illusions


Privacy Policy, Terms and Conditions, DMCA Policy and Compliant

Copyright © 2018-2024 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.