Software Security Engineering – Part II: Security Policy, Analysis, and Design

View Sample PDF

Author(s): Issa Traore (University of Victoria, Canada)and Isaac Woungang (Ryerson University, Canada)
Copyright: 2013
Pages: 29
Source title: Software Development Techniques for Constructive Information Systems Design
Source Author(s)/Editor(s): Khalid A. Buragga (King Faisal University, Saudi Arabia)and Noor Zaman (King Faisal University, Saudi Arabia)
DOI: 10.4018/978-1-4666-3679-8.ch013

Keywords: Computer Science & IT / Information Science Reference / Systems & Software Design / Systems and Software Engineering

Purchase

View Software Security Engineering – Part II: Security Policy, Analysis, and Design on the publisher's website for pricing and purchasing information.

Abstract

This chapter explains the major objectives of a security policy, with focus on how applications that can protect data at all access points can be developed. Access control models and their known issues are discussed. From a security policy prospective, the security design principles and modeling using the UML are also discussed. In addition, an informal discussion on potential software security metrics that can be used for security measurement, and that are currently the purpose of active research, is conducted. Finally, a discussion on security testing involving the use of these metrics, are discussed. Several examples are used to illustrate the studied concepts.

The IRMA Community

Research IRM

Software Security Engineering – Part II: Security Policy, Analysis, and Design

Purchase

Abstract

Related Content

IRMA Sponsors