Part A. Answer the following questions:
1. In your own words explain what software security is and why it is important?
2. In your opinion, what are security software design principles? what about design patterns?
3. What are the software security activities in the life cycle?
Part B. Identify and formulate security requirements for a software that will be supposedly built to automate the activity.
1) Opening a bank account at a Bank of America branch;
2) Getting your driver's license at the local DMV;
3) Applying for a tourist visa to Canada;
4) Enrolling at one of ITU's grad-school programs;
5) Joining the United States military;
6) Signing up for health insurance in the United States;
7) Applying for car loan in the United States.
This material may consist of step-by-step explanations on how to solve a problem or examples of proper writing, including the use of citations, references, bibliographies, and formatting. This material is made available for the sole purpose of studying and learning - misuse is strictly forbidden.
1. Software security is the practice of engineering a software during development in such a way that it works securely and correctly even if there is some malicious attack. This is a relatively new concept in software development. It is about building secure software from the very beginning.
Software security depends on the architecture and design of the software. Software often has vulnerabilities inherent in it. Exploitation of those vulnerabilities is very common. Lack of secure and standard coding practices is a common issue behind the vulnerabilities in a software. So, software security is important as it will help to reduce most of the vulnerabilities from a software by developing a secure software from the very beginning (Davis, 2012).
2. Some design principles of secure software are (Davis, 2012),
a. Minimization of attack surface by reducing the entry points that can be exploited by some malicious code.
b. Users should be given only the required privilege to do their jobs. More privileges mean more chances of exploitation.
c. Different roles and access controls should be there
d. There must be multiple layers of control to make the software more secure...
This is only a preview of the solution. Please use the purchase button to see the entire solution