Cost-Effective Development of Secure Applications
| Autor: | David S. Bauer |
|---|---|
| Rok vydání: | 1993 |
| Předmět: |
Information Systems and Management
business.industry Computer science Software development Business process reengineering Computer security computer.software_genre Security controls Software quality Computer Science Applications Software development process Software Risk analysis (engineering) Software security assurance Application security business computer |
| Zdroj: | Information Systems Security. 2:63-71 |
| ISSN: | 1934-869X 1065-898X |
| DOI: | 10.1080/19393559308551356 |
| Popis: | During the last decade, software quality studies proved that poorly conceived and developed software resulted in greatly magnified maintenance costs. In reaction, new software development practices were introduced. Such modern software development methodologies are based on a highly interactive design process that involves the customer at every step. (Note that for purposes of this discussion a customer can refer to an internal department as well as an external partner or client.) Unfortunately, these new practices seem to have been forgotten when it comes to designing and implementing application security controls. This is evident from analysis of the costs associated with applications security controls. The majority of these costs can be attributed either to the reengineering of existing controls to make them conform to security requirements or to the administration of inefficient, overly secured systems. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|