Tags

,

INFSYS 6868 Software Assurance – Student Research Papers

Software Development Security: Security Driven Development

Abstract: Security design patterns in the software development life cycle has taken a back seat to create better user experience. At the cost of this better user experience is the risk associated with the lack of focus in security. This becomes an issue for companies that experience major security breaches and must continue to patch their patterns rather than, taking a security driven approach to designing their software. In this paper we will explore the benefits of moving toward a security driven development pattern. In the paper the focus will be centered on business processes and involving security throughout the organizational ecosystem. The benefits and challenges that is associated with moving toward a security driven development pattern and how to build a security driven organization.

Click here to view research paper Secuirty_Driven_Dev_Sasa_Basara

Third Party Risk Management: Cost-effective Approach

Abstract: This paper focuses on importance of third-party risk management and outsourcing risks. Specifically this paper will emphasize the importance of building supplier relationships in safe, secure and productive way applying risk-based approach to supplier oversight and relationship management. Benefits and challenges outlined along with recommendations on how to build risk averse and policy compliant corporate culture.

Click here to view research paper Third Party Risk Management

Improving Web Application Security by Eliminating CWEs

Abstract: This study examined improving web application security by eliminating CWEs. With the developing of web application, securities are becoming more and more important and complicated. The article states the current situation of the web application security and provides possible solution method. By understanding the CWEs and eliminating CWEs can help web application developers to solve or minimizing the security problems. The study listed three CWEs as examples to show how to understand and eliminate CWEs. Problem-solving based method can help people quickly understand the advantage of using CWEs to improve web application. Cloud Computing is also covered in the study for the future research directions.

Click here to view research paper  Weijie_Chen_ResearchPaper