"Secure at the Source" - An Article Review
$19.95 Buy and instantly download this paper now
This paper reviews and analyzes R. Berg's article about security vulnerabilities in the software industry entitled "Secure at the Source." According to the review, the article highlights a number of different techniques that can be used to effectively improve security design during the software development lifecycle. These techniques are believed to provide the greatest insights as to how software manufacturers can address security vulnerabilities. The paper highlights the process of the software development lifecycle and at which point to include security design. Various models for this are presented, and their advantages and disadvantages described. Despite the different models, the review notes that there are a number of security related issues that must be constantly grappled with by software manufacturers. The paper concludes by stating that through examining the ideas presented in the article "Secure at the Source" the greatest insights as to how software manufacturers can improve their security vulnerabilities, during the design process.
From the Paper:"The independent model is when each software developer will look for security vulnerabilities in the code. They would go through each of the above objectives to accurately determine what possible weakness could exist in the source code. In order for this model to work most effectively, requires that all software engineers have the knowledge to effectively address a number of different security issues. Managers must then provide guidance and engage in proper quality control, to ensure that all security issues have been effectively addressed. This model is ideally utilized by small development firms, with a small number of software development engineers. The reason why, is because this model involves the engineer engaging in more tedious work. When there are large amounts of engineers it is easy for managers to become overwhelmed with such a system. As such situations occur; it is more than likely that managers and developers can quickly loose focus. This is because a common standard is not in place and there is no flexibility the system. This is why this would work most effectively for those organizations that are smaller, with a limited number of engineers. According to the article, the most effective practices for using the approach would include: to set measurable security requirements..."
Sample of Sources Used:
- Berg, R. (2007). Secure at the Source. Ounce Labs.
Cite this Article Review:
"Secure at the Source" - An Article Review (2012, November 13) Retrieved December 04, 2023, from https://www.academon.com/article-review/secure-at-the-source-an-article-review-152033/
""Secure at the Source" - An Article Review" 13 November 2012. Web. 04 December. 2023. <https://www.academon.com/article-review/secure-at-the-source-an-article-review-152033/>