Volume 7 Number 4 (Oct. 2018)
IJCCE 2018 Vol.7(4): 145-166 ISSN: 2010-3743
DOI: 10.17706/IJCCE.2018.7.4.145-166

A Collaborative Platform Featuring Visibility, Tracking, Monitoring and Awareness for Building Security In.

H. M. K. K. B. Herath, G. D. S. P. Wimalaratne
Abstract—Software developed from a poor design often introduces security issues, which can spread into other phases of the Software Development Life Cycle (SDLC) if not addressed in the initial stages. This could lead to major security breaches and loss of valuable assets to the consumers. Identifying and fixing security issues as early as possible in a software product is the most cost-effective way of implementing software security. This research proposes a proactive approach to build security into the product itself with the aid of a new tool developed as a proof of concept. The proposed semi-automatic tool addresses limitations in current approaches to secure software engineering when developing a software product by providing visibility, tracking, awareness, and progress monitoring. Additionally, developers, architects, QA, BA, and management, as well as the users, can participate in the threat modeling and architectural security analysis, contributing their input for security engineering with the support provided by the tool as an interactive platform, a knowledge base, and an integration platform. The Microsoft Threat Modeling Tool is used to generate the threat models. The tool extracts threat model information and produces detailed mitigations using known vulnerability databases and classification techniques. Developers can better understand the potential threats and vulnerabilities when coding, and integration with a project management tool can provide visibility and tracking of Building Security In throughout the SDLC.

Index Terms—Threat modeling, building security In., architectural risk analysis, defence in depth, collaborative platform, secure software engineering, application security.

H. M. K. K. B. Herath and G. D. S. P. Wimalaratne are with University of Colombo School of Computing, 35 Reid Ave, Colombo 00700, Sri Lanka.

Cite: H. M. K. K. B. Herath, G. D. S. P. Wimalaratne, "A Collaborative Platform Featuring Visibility, Tracking, Monitoring and Awareness for Building Security In.," International Journal of Computer and Communication Engineering, vol. 7, no. 4, pp. 145-166, 2018.

General Information

ISSN: 2010-3743
Frequency: Quarterly
Editor-in-Chief: Dr. Maode Ma
Abstracting/ Indexing: EI (INSPEC, IET), Google Scholar, Crossref, ProQuest, and Electronic Journals Library
E-mail: ijcce@iap.org