A CASE STUDY ON SOFTWARE SECURITY RISK MITIGATION WITH HISTORICAL INFORMATION IN MEDIUM SIZE ENTERPRISES
International Journal of Computer Science (IJCS) Published by SK Research Group of Companies (SKRGC)
Download this PDF format
Abstract
Software permeates many industries, and engineering secure software is becoming a more difficult task for many software engineers and managers. Hazards are associated with any software project, and experts study concepts related to risk management. Owing to the potential consequences for the client, security risks are too significant to be viewed as merely one of the numerous hazards that a software project may encounter. This paper proposes a method for managing security risks based on the historical data that an organization has access to regarding security breaches on apps that it has created and provided in the past, and examines how the implementation of the strategy has improved software security.
References
1. The Open Web App Security Project, Top-10 2010 – Main, HTTP://WWW.owasp.org/index.PHP/Top_10_2010_main
2. Neil Roster, Exploiting the Exploitable: New Software Vulnerabilities Down, but Risk remains high, Pecuniary Reports, Feb 21, 2012, www.securitybistro.com/blog/?p=1060
3. Hughes, Bob and Cotter-ell, Mike, “Software Project Management”, Forth Edition.
4. Yang J., Navarro V., Feature Subset Selection Using a Genetic Algorithm, IEEE Intelligent Systems, vol. 13, 1998, pp 44-49.
5. Raymer M.L., Punch W.F., et. al., Conditionality Reduction Using Genetic Algorithms, IEEE Trans. On Evolutionary Computation, Vol.4, 2000, pp 164-171.
6. Hochman R., Khoshgoftaar T.M., Allen A.B., Huddle J.P., Using the Genetic Algorithm to Build Neural Networks for Fault-Prone Module Detection, Prov. Of 7 Th IEEE International Symposium on Software Reliability Engineering, New York, 1996, pp 152-162.
7. Liu Y., Khoshgoftaar T.M., Genetic Programming Model for Software Quality Classification, Prov. Of 6 The IEEE International Symposium on High Assurance Systems Engineering, 2001.
8. Duda C.D., Hart P.E., Stork D.G., Pattern Classification, Wiley & Sons, New York, USA, 2001.
Keywords
Software Project Management, Secure Software and Security Risk.
