Locking Down the Software Development Environment

Abstract : The goal of this paper is that configuration management is a simple and cost effective method to secure the development environment without impeding innovation, creativity, or schedule. Software development is a business, and it is reasonable to assume both developers and customers want systems that are protected because there will always be attempts to gain access to software and the data/information residing in the computer systems.

[1]  Stephen Brewster,et al.  INTEGRATING SOFTWARE ASSURANCE INTO THE SOFTWARE DEVELOPMENT LIFE CYCLE (SDLC) , 2010 .

[2]  Vladimir O. Safonov Using Aspect-Oriented Programming for Trustworthy Software Development , 2008 .

[3]  Magreth Mushi,et al.  Security in In-House Developed Information Systems: The Case of Tanzania , 2012 .

[4]  Laurie A. Williams,et al.  Evaluating Complexity, Code Churn, and Developer Activity Metrics as Indicators of Software Vulnerabilities , 2011, IEEE Transactions on Software Engineering.

[5]  J. B. Rainsberger,et al.  JUnit Recipes: Practical Methods for Programmer Testing , 2004 .

[6]  Mario E. Moreira Adapting Configuration Management for Agile Teams: Balancing Sustainability and Speed , 2009 .

[7]  Alexis Leon A Guide to Software Configuration Management , 2000 .

[8]  Mohammad Zulkernine,et al.  On Selecting Appropriate Development Processes and Requirements Engineering Methods for Secure Software , 2009, 2009 33rd Annual IEEE International Computer Software and Applications Conference.

[9]  E. Bersoff,et al.  Software Configuration Management , 1978, SIGMETRICS Perform. Evaluation Rev..

[10]  Norman R. Nielsen Computers, security, and the audit function , 1975, AFIPS '75.

[11]  Mohammad Zulkernine,et al.  Mitigating program security vulnerabilities: Approaches and challenges , 2012, CSUR.

[12]  Abhinav Rastogi,et al.  Secure Coding: Building Security into the Software Development Life Cycle , 2004, Inf. Secur. J. A Glob. Perspect..

[13]  D. Kushner,et al.  The real story of stuxnet , 2013, IEEE Spectrum.

[14]  Ken Schwaber,et al.  Agile Software Development with SCRUM , 2001 .

[15]  Paul C. Jorgensen,et al.  Software Testing: A Craftsman's Approach , 1995 .