Secure software development as a component in the system ensuring the organization information security
| Authors: Sokolovsky V.E., Glinskaya E.V. |  |
| Published in issue: #3(92)/2024 | |
| DOI: | |
Category: Informatics, Computer Engineering and Control | Chapter: Methods and Systems of Information Protection, Information Security |
|
Keywords: information technology, software, ensuring information security, analyzer programs, programmer errors, process of organizing secure development |
|
| Published: 17.07.2024 | |
Secure software development is an urgent problem. Its solution is aimed at creating a system to ensure information security in an organization. Good development strategy should take into account the security needs, as well as the system of the organization developers. Study objective is to ensure security built into the development processes. Part of the security system successful development is meeting the developers to be able to make changes in the development processes taking into account the security requirements. The paper considers main errors in the software development, distinctive features of the secure development process, relationship between the security analysis results in software development and the problems in using the information security tools.
References
[1] Ponamorev I.V. Systematization of Information Systems and Information Security. Reports Scientific Society, 2021, no. 3 (27), pp. 64–66. EDN QCQDBX.
[2] Yakimova V.V. Modern achievements in the field of information technology. Language in the field of professional communication. Int. scientific and practical. conf. of teachers, graduate students and students: collection of materials. Ekaterinburg, OOO "Izdatelskiy Dom" Azhur ", 2020, pp. 761–766. EDN IKURFU. (In Russ.).
[3] GOST R 56939–2016. Information security. Development of secure software. General requirements. Moscow, Standartinform, 2016. (In Russ.).
[4] GOST R 53114–2008. Information security. Ensuring information security in an organization. Basic terms and definitions. Moscow, Standartinform, 2008. (In Russ.).
[5] Soc forum 2024. URL: https://forumsoc.ru/ (date of access 04/15/2024).
[6] Kipkeeva A.M., Urusov A.A. Information security is the most important element of ensuring the economic security of an organization. Bulletin of the Academy of Knowledge, 2020, No. 40 (5), pp. 157–161. (In Russ.). https://doi.org/10.24412/2304-6139-2020-10611 (date of access 04/15/2024).
[7] Vostretsova E.V. Fundamentals of information security. Ekaterinburg, Ural. University, 2019, 204 p. (In Russ.).
[8] Database of information security threats. URL: https://bdu.fstec.ru/ (accessed on 15.04.2024).
[9] 25 mistakes of a novice programmer. URL: https://habr.com/ru/articles/413129/ (accessed on 15.04.2024).
[10] GOST R 58412–2019. Information protection. Development of secure software. Threats to information security during software development. Moscow, Standartinform, 2019. (In Russ.).
[11] FSTEC of Russia registers. URL: https://reestr.fstec.ru/ (accessed on 15.04.2024).
[12] Solar Appscreener. URL: https://rt-solar.ru/products/solar_appscreener/?utm_source=Programmatic&utm_ medium =cpc&utm_campaign=AppScreener&utm_content=cmp-90287064_gr-5235869414_ad-15505116023_ph-47403313262&utm_term=PRG1&yclid=1 2157612666175356927 (accessed April 15, 2024).