
Secure by Design: Developing Secure Software Systems from the Ground Up

Author(s): Haralambos Mouratidis (University of East London, UK) and Miao Kang (Powerchex Ltd., UK)
Copyright: 2012
Pages: 19
Source title: Computer Engineering: Concepts, Methodologies, Tools and Applications
Source Author(s)/Editor(s): Information Resources Management Association (USA)
DOI: 10.4018/978-1-61350-456-7.ch108


Abstract

This paper describes results from, and reflects on the experience of, engineering a secure web-based system for the pre-employment screening domain. In particular, the paper presents results from a Knowledge Transfer Partnership (KTP) project between the School of Computing, IT and Engineering at the University of East London and the London-based, award-winning pre-employment company Powerchex Ltd. The Secure Tropos methodology, which is based on the principle of secure by design, has been applied to the project to guide the development of a web-based system to support employment reference and background checking specifically for the financial services industry. Findings indicate the potential of the methodology for the development of secure web-based systems, and support the argument for incorporating security considerations from the early stages of the software development process, i.e., the idea of secure by design. The developed system was tested by a third party independent of the project using a well-known method of security testing, i.e., penetration testing, and the results provided did not indicate the presence of any major security problems. The experience and lessons learned from applying the methodology in an industrial setting are also discussed in the paper.
