Abstract
Security in the Software Development Life Cycle (SDLC) has become imperative due to the variety of threats posed during and after system design. In this paper we have studied the security in system design in general and software development in particular, and have proposed strategies for integration of security in the SDLC. The paper highlights the needs of embedding security right from the earlier processes in the SDLC because patches and controls after the software delivery are more expensive to fix. We propose Source Code EMbedded (SCEM) security framework to improve the design of security policies and standards for the software development process to ensure the security and reliability in government departments such as taxation, auditing, national security, social security, and immigration. It is also envisaged that the implementation of SCEM security framework will ensure commercial and public trust in the software development process within Australia and worldwide, saving enormous redevelopment costs.
| Original language | English |
|---|---|
| Title of host publication | 9th Australian Information Security Management Conference (secau Security Congress 2011) |
| Editors | Craig Valli |
| Place of Publication | Perth |
| Publisher | SecAU Security Congress 2011, ECU |
| Pages | 262-269 |
| Number of pages | 8 |
| Publication status | Published - 2011 |
| Event | Australian Information Security Management Conference - Perth, Australia Duration: 05 Dec 2011 → 07 Dec 2011 |
Conference
| Conference | Australian Information Security Management Conference |
|---|---|
| Country/Territory | Australia |
| Period | 05/12/11 → 07/12/11 |
