Threat Modeling for a Secured Software Development
Main Article Content
Abstract
Security system evaluation is an important and essential activity which could be conducted at different stages in the life cycle of a software development. Understanding the threats to the software is critical step in creating a secure product. Recent researches have demonstrated that threat modeling can provide a basis for building flawless software that can withstand any potential attack. Threat modeling plays an important role in developing secure software which describes a threat subjected on to a system and the harm that could arise on vulnerabilities. The vulnerabilities or loop holes in the securities arise as flaws in requirement specification or designing or results in incomplete implementation or throw out several bugs in testing stage. Increase in the complexity of the software, possibly introduces more design errors which leads to security vulnerabilities and increases security attacks. Hence, it is insisted that the security issues must no more be considered as non-functional requirements and isolated to single phase alone in Software Development Life Cycle (SDLC). These security issues can be well identified using the threat modeling followed in almost all the phases in SDLC.
Â
Keywords: Software Development Life Cycle (SDLC), Threat Modeling, Threat, Requirement, Design, Development, Testing.
Downloads
Article Details
COPYRIGHT
Submission of a manuscript implies: that the work described has not been published before, that it is not under consideration for publication elsewhere; that if and when the manuscript is accepted for publication, the authors agree to automatic transfer of the copyright to the publisher.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work
- The journal allows the author(s) to retain publishing rights without restrictions.
- The journal allows the author(s) to hold the copyright without restrictions.