Quality Assurance and Project Management

Nov 10 2008   10:12AM GMT

SDLC-II – Applying security concepts to software design

Jaideep Khanduja Jaideep Khanduja Profile: Jaideep Khanduja

Security concepts will vary from software to software except few generic requirements that will remain standard for most of the softwares. The major varying requirements will be dependant on following factors:

  • 1. Software requirements – Based on the requirements specified by the customer and the design this can further be divided into two sub-categories as below:
  • a. Customer specific: As specified by the customer and suggested by the vendor representative. The vendor in this case may be in-house development team or an external agency. The representative can be the IT Head, software project manager or any senior position in case of internal team, or a dedicated project manager or project head in case of the external agency.
    b. System specific: The other major factor deciding on security concepts to be built in the software will be system design”. What architecture is chosen, what technology, what database, what front end etc.
  • 2. Risk Factor – The gravity of risk involved and what level of security is required will decide on the security features to be built in the software
    3. End User – What level or type of user is going to use the software
    4. Money Matters – If there are any money related transactions in the software will require a different set of security concepts.
    5. Statutory requirements – The outward or inward connection with other legal/non-legal agencies will formulate the specific security specifications. Also will depend on any statutory requirements to be met by the software.

     Comment on this Post

    There was an error processing your information. Please try again later.
    Thanks. We'll let you know when a new response is added.
    Send me notifications when other members comment.

    Forgot Password

    No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

    Your password has been sent to:

    Share this item with your network: