Data Protection and Security

   

VI

Operating System Security and Secure Programming

    

VI.IV

Secure Software Development

    
   
 

Software Project Goals:

Above we have seen how a software development methodology and a practical auditing tool can be helpful to develop more secure software. Nevertheless, it is still too early to say that we have acquired the necessary scientific knowledge to develop software which is secure hundred percent. For this ultimate result, there is a vast amount of security research currently under progress. Even when the science of security will give us all the power to write the secure software in the future, there is still a big doubt whether the dream of secure software is going to be realized in practice. This is due to direct clash between security and other software project goals.

Key software project goals are:

  • Functionality
  • Usability
  • Efficiency
  • Time-to-market
  • Simplicity

The disconnect between “roving bands of developers” and the security staff of the IT department should be obvious from the above discussion. One workable approach to bridging the gap is to make software security somebody’s job. The trick is to find the right somebody. Two major qualifications are required for a software security personnel:

  1. A deep understanding of sofware development
  2. An understanding of security


    

VI.IV.I Q

[+] Question

[-] Question

Which of these project goals is not contradicting with security goals? Why? (Hint: There is only one)

    
   
       
 
«previous session [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] next session »
   
       
 
«proceed to previous section proceed to next section »
  chapter index