Volume 7 Number 4 (Oct. 2018)
IJCCE 2018 Vol.7(4): 145-166 ISSN: 2010-3743
DOI: 10.17706/IJCCE.2018.7.4.145-166

A Collaborative Platform Featuring Visibility, Tracking, Monitoring and Awareness for Building Security In.

H. M. K. K. B. Herath, G. D. S. P. Wimalaratne
Abstract—Software developed from a poor design often introduces security issues, which can spread into other phases of the Software Development Life Cycle (SDLC) if not addressed in the initial stages. This could lead to major security breaches and loss of valuable assets for consumers. Identifying and fixing security issues as early as possible in a software product is the most cost-effective way of implementing software security. This research proposes a proactive approach to building security into the product itself with the aid of a new tool developed as a proof of concept. The proposed semi-automatic tool addresses limitations in current approaches to secure software engineering by providing visibility, tracking, awareness, and progress monitoring while a software product is developed. Additionally, Developers, Architects, QA, BA, and Management, as well as Users, can participate in Threat Modeling and architectural security analysis, contributing their input to Security Engineering with the support the tool provides as an interactive platform, a knowledge base, and an integration platform. The Microsoft Threat Modeling Tool is used to generate the threat models. The tool extracts threat model information and produces detailed mitigations using known vulnerability databases and classification techniques. Developers can better understand the potential threats and vulnerabilities when coding, and integration with a Project Management Tool can provide visibility and tracking of Building Security In throughout the SDLC.

Index Terms—Threat modeling, building security In., architectural risk analysis, defence in depth, collaborative platform, secure software engineering, application security.

H. M. K. K. B. Herath and G. D. S. P. Wimalaratne are with University of Colombo School of Computing, 35 Reid Ave, Colombo 00700, Sri Lanka.

Cite: H. M. K. K. B. Herath, G. D. S. P. Wimalaratne, "A Collaborative Platform Featuring Visibility, Tracking, Monitoring and Awareness for Building Security In.," International Journal of Computer and Communication Engineering, vol. 7, no. 4, pp. 145-166, 2018.

General Information

ISSN: 2010-3743 (Online)
Abbreviated Title: Int. J. Comput. Commun. Eng.
Frequency: Quarterly
Editor-in-Chief: Dr. Maode Ma
Abstracting/ Indexing: INSPEC, CNKI, Google Scholar, Crossref, EBSCO, ProQuest, and Electronic Journals Library
E-mail: ijcce@iap.org