Home > IT Blogs > Quality Assurance and Project Management > SDLC-II – Applying security concepts to software design
>>VIEW ALL POSTS  

Quality Assurance and Project Management

«
»
Nov 10 2008   10:12AM GMT

SDLC-II – Applying security concepts to software design



Posted by: Jaideep Khanduja
SDLC, Security, security concepts, software design

Security concepts will vary from software to software except few generic requirements that will remain standard for most of the softwares. The major varying requirements will be dependant on following factors:

  • 1. Software requirements – Based on the requirements specified by the customer and the design this can further be divided into two sub-categories as below:
  • a. Customer specific: As specified by the customer and suggested by the vendor representative. The vendor in this case may be in-house development team or an external agency. The representative can be the IT Head, software project manager or any senior position in case of internal team, or a dedicated project manager or project head in case of the external agency.
    b. System specific: The other major factor deciding on security concepts to be built in the software will be system design”. What architecture is chosen, what technology, what database, what front end etc.

    • 2. Risk Factor – The gravity of risk involved and what level of security is required will decide on the security features to be built in the software
    3. End User – What level or type of user is going to use the software
    4. Money Matters – If there are any money related transactions in the software will require a different set of security concepts.
    5. Statutory requirements – The outward or inward connection with other legal/non-legal agencies will formulate the specific security specifications. Also will depend on any statutory requirements to be met by the software.

      Bookmark and Share     Comment     RSS Feed     Email a friend

    Comment on this Post

    Leave a comment: