Towards Unveiling Effects Of Human Factors Within Security Risk Assessment

Mbaka, Winnie

doi:10.1145/3573074.3573092

Cited by 1 publication

(1 citation statement)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Mbaaka has identifed human as a critical security risk and used STRIDE to identify human factors, including gender, age, and education, to assess the security threats [32].…”

Section: Related Workmentioning

confidence: 99%

Mitigating Software Vulnerabilities through Secure Software Development with a Policy-Driven Waterfall Model

Hussain,

Anwaar,

Sultan

et al. 2024

Journal of Engineering

View full text Add to dashboard Cite

For the past few years, software security has become a pressing issue that needs to be addressed during software development. In practice, software security is considered after the deployment of software rather than considered as an initial requirement. This delayed action leads to security vulnerabilities that can be catered for during the early stages of the software development life cycle (SDLC). To safeguard a software product from security vulnerabilities, security must be given equal importance with functional requirements during all phases of SDLC. In this paper, we propose a policy-driven waterfall model (PDWM) for secure software development describing key points related to security aspects in the software development process. The security requirements are the security policies that are considered during all phases of waterfall-based SDLC. A framework of PDWM is presented and applied to the e-travel scenario to ascertain its effectiveness. This scenario is a case of small to medium-sized software development project. The results of case study show that PDWM can identify 33% more security vulnerabilities as compared to other secure software development techniques.

show abstract

“…Mbaaka has identifed human as a critical security risk and used STRIDE to identify human factors, including gender, age, and education, to assess the security threats [32].…”

Section: Related Workmentioning

confidence: 99%