Method for the development of secure software based on software engineering and cybersecurity
Main Article Content
Abstract
The increase in computer attacks is in increasing demand, nowadays cybercrime to which our data is exposed is more frequent. On the other hand, the management of software and tools used in computer science is what represents today a fundamental pillar in what teaching and scientific research refers, however, the concept goes far beyond that, of the hand of computer security that involves many more factors than are believed, not only physical but logical, referring to all the applications that run on each of the computers and that are part of the software. This paper presents a secure software model based on the software development life cycle and aims to create professionals capable of developing secure software products and at the same time raise awareness of the various problems that may arise from not establishing security measures in Systems development A final analysis of the importance of creating professionals with knowledge of the use and application of computer security is carried out.
Downloads
Article Details
COPYRIGHT NOTICE
Authors who publish in the INNOVA Research Journal keeps copyright and guarantee the journal the right to be the first publication of the work under the Creative Commons License, Attribution-Non-Commercial 4.0 International (CC BY-NC 4.0). They can be copied, used, disseminated, transmitted and publicly exhibited, provided that: a) the authorship and original source of their publication (magazine, publisher, URL and DOI of the work) is cited; b) are not used for commercial purposes; c) the existence and specifications of this license of use are mentioned.
References
Brian S. Cole, J. H. (2018). Eleven quick tips for architecting biomedical informatics workflows with cloud computing. PLOS Computational Biology Education.
CVE. (2019). Common Vulnerabilities and Exposures. Obtenido de cve.mitre.org/
David G. Rosado, C. B.-M. (s.f.). La Seguridad como una asignatura indispensable. XVI Jornadas de Enseñanza Universitaria de la Informática.
Foundation, O. (2017). OWASP Top 10 - 2017 Los diez riesgos más críticos en Aplicaciones Web. Obtenido de www.owasp.org
García-Peñalvo, F. J. (2018). Obtenido de https://repositorio.grial.eu/bitstream/grial/1228/1/07-rep.pdf
Garzón, P. A. (2010). DragonJar. Obtenido de https://www.dragonjar.org/seguridad-informatica-un-reto-para-la-ingenieria-del-software-o-una-necesidad.xhtml
Guamán, D., Guamán, F., Jaramillo, D., & Sucunuta, M. (2017). Implementation of techniques and OWASP security recommendations to avoid SQL and XSS attacks using J2EE and WS-Security. 2017 12th Iberian Conference on Information Systems and Technologies (CISTI).
Kendall, K., & Kendall, J. (2011). Análisis y diseño de sistemas. México: Pearson Educación.
Mathkour H., A. G. (2008). A Risk Management Tool for Extreme Programming. IJCSNS International Journal of Computer Science and Network Security, 8(8), 326-333.
Ruiz, G. (9 de 10 de 2018). Los 10 Principales Riesgos de Seguridad según OWASP – Parte I. Obtenido de https://blog.sucuri.net/espanol/2018/10/los-10-principales-riesgos-de-seguridad-segun-owasp-parte-i.html
Schnoeller G., M. L. (2016). A strategy based on knowledge acquisition for management of requirements risks on distributed XP development. Revista lbérica de Sistemas y Tecnologías de Información(20), 18–33. doi:10.17013/risti.20.18–33
SEI. (2010). CMMI para Desarrollo, Versión 1.3. Mejora de los procesos para el desarrollo de mejores productos y servicios. EE.UU.: Technical Report, Software Engineering Institute.
SGI. (2014). The CHAOS Manifesto. Obtenido de The Standish Group International: https://www.projectsmart.co.uk/white-papers/chaos-report.pdf
SGI. (2015). Standish Group 2015 Chaos Report. Obtenido de https://www.infoq.com/articles/standish-chaos-2015
Sommerville, I. (2005). Ingeniería del Software. Pearson Educación.
Vondran, A. (2015). Metodologías ágiles de gestión de proyectos. Obtenido de https://www.linkedin.com/pulse/metodolog%C3%ADas-%C3%A1giles-de-gesti%C3%B3n-proyectos-andre-vondran/
Voutssas, J. (2010). Preservación documental digital y seguridad informática. Investigación bibliotecológica.