Mitigating Software Vulnerabilities through Secure Software Development with a Policy-Driven Waterfall Model
For the past few years, software security has become a pressing issue that needs to be addressed during software development. In practice, software security is considered after the deployment of software rather than considered as an initial requirement. This delayed action leads to security vulnerab...
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2024-01-01
|
| Series: | Journal of Engineering |
| Online Access: | http://dx.doi.org/10.1155/2024/9962691 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832559687242874880 |
|---|---|
| author | Shariq Hussain Haris Anwaar Kashif Sultan Umar Mahmud Sherjeel Farooqui Tehmina Karamat Ibrahima Kalil Toure |
| author_facet | Shariq Hussain Haris Anwaar Kashif Sultan Umar Mahmud Sherjeel Farooqui Tehmina Karamat Ibrahima Kalil Toure |
| author_sort | Shariq Hussain |
| collection | DOAJ |
| description | For the past few years, software security has become a pressing issue that needs to be addressed during software development. In practice, software security is considered after the deployment of software rather than considered as an initial requirement. This delayed action leads to security vulnerabilities that can be catered for during the early stages of the software development life cycle (SDLC). To safeguard a software product from security vulnerabilities, security must be given equal importance with functional requirements during all phases of SDLC. In this paper, we propose a policy-driven waterfall model (PDWM) for secure software development describing key points related to security aspects in the software development process. The security requirements are the security policies that are considered during all phases of waterfall-based SDLC. A framework of PDWM is presented and applied to the e-travel scenario to ascertain its effectiveness. This scenario is a case of small to medium-sized software development project. The results of case study show that PDWM can identify 33% more security vulnerabilities as compared to other secure software development techniques. |
| format | Article |
| id | doaj-art-470f0048c8834e87bf8d5e2d67dce70f |
| institution | Kabale University |
| issn | 2314-4912 |
| language | English |
| publishDate | 2024-01-01 |
| publisher | Wiley |
| record_format | Article |
| series | Journal of Engineering |
| spelling | doaj-art-470f0048c8834e87bf8d5e2d67dce70f2025-02-03T01:29:31ZengWileyJournal of Engineering2314-49122024-01-01202410.1155/2024/9962691Mitigating Software Vulnerabilities through Secure Software Development with a Policy-Driven Waterfall ModelShariq Hussain0Haris Anwaar1Kashif Sultan2Umar Mahmud3Sherjeel Farooqui4Tehmina Karamat5Ibrahima Kalil Toure6Department of Software EngineeringDepartment of ElectricalDepartment of Software EngineeringDepartment of Software EngineeringDepartment of Software EngineeringDepartment of Software EngineeringDepartment of Computer ScienceFor the past few years, software security has become a pressing issue that needs to be addressed during software development. In practice, software security is considered after the deployment of software rather than considered as an initial requirement. This delayed action leads to security vulnerabilities that can be catered for during the early stages of the software development life cycle (SDLC). To safeguard a software product from security vulnerabilities, security must be given equal importance with functional requirements during all phases of SDLC. In this paper, we propose a policy-driven waterfall model (PDWM) for secure software development describing key points related to security aspects in the software development process. The security requirements are the security policies that are considered during all phases of waterfall-based SDLC. A framework of PDWM is presented and applied to the e-travel scenario to ascertain its effectiveness. This scenario is a case of small to medium-sized software development project. The results of case study show that PDWM can identify 33% more security vulnerabilities as compared to other secure software development techniques.http://dx.doi.org/10.1155/2024/9962691 |
| spellingShingle | Shariq Hussain Haris Anwaar Kashif Sultan Umar Mahmud Sherjeel Farooqui Tehmina Karamat Ibrahima Kalil Toure Mitigating Software Vulnerabilities through Secure Software Development with a Policy-Driven Waterfall Model Journal of Engineering |
| title | Mitigating Software Vulnerabilities through Secure Software Development with a Policy-Driven Waterfall Model |
| title_full | Mitigating Software Vulnerabilities through Secure Software Development with a Policy-Driven Waterfall Model |
| title_fullStr | Mitigating Software Vulnerabilities through Secure Software Development with a Policy-Driven Waterfall Model |
| title_full_unstemmed | Mitigating Software Vulnerabilities through Secure Software Development with a Policy-Driven Waterfall Model |
| title_short | Mitigating Software Vulnerabilities through Secure Software Development with a Policy-Driven Waterfall Model |
| title_sort | mitigating software vulnerabilities through secure software development with a policy driven waterfall model |
| url | http://dx.doi.org/10.1155/2024/9962691 |
| work_keys_str_mv | AT shariqhussain mitigatingsoftwarevulnerabilitiesthroughsecuresoftwaredevelopmentwithapolicydrivenwaterfallmodel AT harisanwaar mitigatingsoftwarevulnerabilitiesthroughsecuresoftwaredevelopmentwithapolicydrivenwaterfallmodel AT kashifsultan mitigatingsoftwarevulnerabilitiesthroughsecuresoftwaredevelopmentwithapolicydrivenwaterfallmodel AT umarmahmud mitigatingsoftwarevulnerabilitiesthroughsecuresoftwaredevelopmentwithapolicydrivenwaterfallmodel AT sherjeelfarooqui mitigatingsoftwarevulnerabilitiesthroughsecuresoftwaredevelopmentwithapolicydrivenwaterfallmodel AT tehminakaramat mitigatingsoftwarevulnerabilitiesthroughsecuresoftwaredevelopmentwithapolicydrivenwaterfallmodel AT ibrahimakaliltoure mitigatingsoftwarevulnerabilitiesthroughsecuresoftwaredevelopmentwithapolicydrivenwaterfallmodel |