Quantifying Security in Secure Software Development Phases

July 28-August 01

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/COMPSAC.2008.173

2008 32nd Annual IEEE International C ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Muhammad Umair Ahmed Khan Articles by Mohammad Zulkernine

	ASCII Text	x
	Muhammad Umair Ahmed Khan, Mohammad Zulkernine, "Quantifying Security in Secure Software Development Phases," Computer Software and Applications Conference, Annual International, pp. 955-960, 2008 32nd Annual IEEE International Computer Software and Applications Conference, 2008.

	BibTex	x
	@article{ 10.1109/COMPSAC.2008.173, author = {Muhammad Umair Ahmed Khan and Mohammad Zulkernine}, title = {Quantifying Security in Secure Software Development Phases}, journal ={Computer Software and Applications Conference, Annual International}, volume = {0}, year = {2008}, issn = {0730-3157}, pages = {955-960}, doi = {http://doi.ieeecomputersociety.org/10.1109/COMPSAC.2008.173}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Software and Applications Conference, Annual International TI - Quantifying Security in Secure Software Development Phases SN - 0730-3157 SP955 EP960 A1 - Muhammad Umair Ahmed Khan, A1 - Mohammad Zulkernine, PY - 2008 KW - null VL - 0 JA - Computer Software and Applications Conference, Annual International ER -

Muhammad Umair Ahmed Khan

Mohammad Zulkernine

Secure software is crucial in today’s software dependent world. However, most of the time, security is not addressed from the very beginning of a software development life cycle (SDLC), and it is only incorporated after the software has been developed. Even when security is considered since the inception of the software development, there is no concrete way to quantify security of an SDLC artifact. This quantification is necessary to know about the security state of an SDLC artifact after each phase of software development. Moreover, this could help the software developers in allocating further resources to increase security and decrease the vulnerabilities in any software. In this paper, we use vulnerability occurrences to calculate a vulnerability index of an SDLC artifact that provides an indication about the existing vulnerabilities. Moreover, we calculate a security index by using the combined potential damage that can be caused due to vulnerabilities.

Citation:

Muhammad Umair Ahmed Khan, Mohammad Zulkernine, "Quantifying Security in Secure Software Development Phases," compsac, pp.955-960, 2008 32nd Annual IEEE International Computer Software and Applications Conference, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.