Software Security; A Vulnerability Activity Revisit

  • Hadavi M
  • Shirazi H
  • Sangchi H
 et al. 
  • 23

    Readers

    Mendeley users who have this article in their library.
  • N/A

    Citations

    Citations of this article.

Abstract

This paper attempts to introduce a method for developing secure software based on the vulnerabilities which are already known. In the proposed method, the most prevalent vulnerabilities are selected. For each vulnerability its location of appearance within the software development process, as well as methods of mitigation through design-level or implementation- level activities is discussed. Mapping vulnerabilities to design and implementation within software development process not only results to a better understanding of vulnerability emergence, but also allows countermeasures to be applied during initial steps of vulnerability creation, and thus better software security. This mapping shows that choosing a suitable programming language and enforcing the least privileges are the most vital design time decisions. Also, security code review and server side input validation are implementation-level activities assumed to cover most of the vulnerabilities.

Get free article suggestions today

Mendeley saves you time finding and organizing research

Sign up here
Already have an account ?Sign in

Find this document

Authors

  • Mohammad Ali Hadavi

  • Hossein Shirazi

  • Hasan Mokhtari Sangchi

  • Vahid Saber Hamishagi

Cite this document

Choose a citation style from the tabs below

Save time finding and organizing research with Mendeley

Sign up for free