Software engineering has established techniques, methods and technology over two decades. However, due to the lack of understanding of software security vulnerabilities, we have not been successful in applying software engineering principles when developing secured software systems. Therefore, software security cannot be added after a system has been built, as seen in today's software applications. This book provides concise, good-practice design guidelines on software security which will benefit practitioners, researchers, learners, and educators. Topics discussed include systematic approaches to engineering; building and assuring software security throughout the software lifecycle; software security based requirements engineering; design for software security; software security implementation; best practice guidelines on developing software security; and testing for software security and quality validation for software security.
Software Security Engineering: Introduction; Software Security Requirements Engineering; Software Security Modelling; Knowledge Engineering & Software Security for Software Product Lines; Software Security Assurance & Management; Design for Software Security; CBSE for Software Security; Code Security Best Practice Guidelines & Examples; Software Security Testing; Internet Security Improvement Model; Software Security Based Development for Cloud Computing Applications; Secured Software Components for ERP systems; Index.