Login | Register

New measurements for building secure software

Title:

New measurements for building secure software

Sultan, Khalid Ibrahim (2007) New measurements for building secure software. Masters thesis, Concordia University.

[img]
Preview
Text (application/pdf)
MR34464.pdf - Accepted Version
3MB

Abstract

Despite the increased focus of today's research towards improving security of the cyber infrastructure, there still exists room for improvement particularly in handling security during the software development life cycle (SDLC). Developing secure software requires that the developers should address security issues as part of each phase of the software development process. Security metrics are powerful techniques that can assist software designers and developers integrate security features into their systems from the very beginning in the development lifecycle. However, it is worth mentioning that the idea of introducing such metrics in each phase of the SDLC has not appeared before. To cope with the situation, we propose a new set of technical security metrics for building secure software. The proposed metrics are aimed to address the security related parameters throughout the entire SDLC. The focus of this research is to examine the concept "Design for Security" as part of research efforts and to incorporate technical security issues related to the development of software from the very beginning in the development process. This set of metrics is further divided into subgroups where each subgroup corresponds to a particular phase of the SDLC. While describing each of these metrics, it has been specified whether a particular metric can be calculated automatically or manually. For calculating the automated metrics, we built a tool using JavaCC (Java Compiler Compiler) to do so. It takes a C/C++ source code files as input. The output of the tool is basically the automated security metrics during the implementation phase. We believe that considering these metrics will help people involved in the software development process improve their applications from the security point of view. Keywords: Software Security, Security Metrics, Software Development Lifecycle, Design for Security.

Divisions:Concordia University > Gina Cody School of Engineering and Computer Science > Electrical and Computer Engineering
Item Type:Thesis (Masters)
Authors:Sultan, Khalid Ibrahim
Pagination:xi, 97 leaves : ill. ; 29 cm.
Institution:Concordia University
Degree Name:M.A. Sc.
Program:Electrical and Computer Engineering
Date:2007
Thesis Supervisor(s):En-Nouaary, Abdeslam
ID Code:975384
Deposited By: Concordia University Library
Deposited On:22 Jan 2013 16:07
Last Modified:18 Jan 2018 17:40
Related URLs:
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.

Repository Staff Only: item control page

Downloads per month over past year

Research related to the current document (at the CORE website)
- Research related to the current document (at the CORE website)
Back to top Back to top