Identificador persistente para citar o vincular este elemento:
http://hdl.handle.net/10662/20374
Registro completo de Metadatos
Campo DC | Valor | idioma |
---|---|---|
dc.contributor.author | Sancho Núñez, José Carlos | - |
dc.contributor.author | Caro Lindo, Andrés | - |
dc.contributor.author | García Rodríguez, Pablo | - |
dc.date.accessioned | 2024-02-07T19:02:16Z | - |
dc.date.available | 2024-02-07T19:02:16Z | - |
dc.date.issued | 2020 | - |
dc.identifier.issn | 2169-3536 | - |
dc.identifier.uri | http://hdl.handle.net/10662/20374 | - |
dc.description.abstract | The number of cyberattacks has greatly increased in in the last years, as well as their sophistication and impact. For this reason, new emerging software development models are demanded, which help in developing secure by default software. To achieve this, the analysis and comparison in depth of the current models of secure software development is especially important. In this paper, a review of the most popular secure software models is presented, and a new secure software methodology is proposed, adapted to all current environments. A practical experiment in a software development company is tested, as a case study, considering data from real software projects. The results are presented and compared in two development scenarios: a classic one with a reactive security approach, and another one, emerging and preventive, that applies security by default in all phases of the software life cycle. In the case study, the total amount of vulnerabilities is reduced by 68,42%, decreasing their criticality and the temporal impact of their resolutions. In this way, software security and quality are methodologically improved with the proposed model, proving that the new emerging approach provides a more secure software. | es_ES |
dc.format.extent | 13 | es_ES |
dc.format.mimetype | application/pdf | en_US |
dc.language.iso | eng | es_ES |
dc.publisher | IEEE | es_ES |
dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | * |
dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/4.0/ | * |
dc.subject | Cybersecurity | es_ES |
dc.subject | Software Development | es_ES |
dc.subject | Software Factory | es_ES |
dc.subject | Secure Software Development | es_ES |
dc.title | A Preventive Secure Software Development Model for a Software Factory: A Case Study | es_ES |
dc.type | article | es_ES |
dc.description.version | peerReviewed | es_ES |
europeana.type | TEXT | en_US |
dc.rights.accessRights | openAccess | es_ES |
europeana.dataProvider | Universidad de Extremadura. España | es_ES |
dc.type.version | publishedVersion | es_ES |
dc.contributor.affiliation | Universidad de Extremadura. Departamento de Ingeniería de Sistemas Informáticos y Telemáticos | es_ES |
dc.relation.publisherversion | 10.1109/ACCESS.2020.2989113 | es_ES |
dc.identifier.publicationtitle | IEEE Access | es_ES |
dc.identifier.publicationfirstpage | 77653 | es_ES |
dc.identifier.publicationlastpage | 77665 | es_ES |
dc.identifier.publicationvolume | 8 | es_ES |
dc.identifier.orcid | 0000-0001-8168-7892 | es_ES |
Colección: | DISIT - Artículos |
Archivos
Archivo | Descripción | Tamaño | Formato | |
---|---|---|---|---|
2020_Tote_Preventive.pdf | 3,39 MB | Adobe PDF | Descargar |
Este elemento está sujeto a una licencia Licencia Creative Commons