Security in the Software Life Cycle Essay Example | Topics and Well Written Essays - 750 words

Security in the Softw be Life Cycle - Essay ExampleAs mentioned earlier there are some(prenominal) descriptors of SDLC, the first phase has been the Initiation phase. The five security controls that are required in the Initiation phase areThe software program is meant for serving the purpose of the node and hence from a developer point of view, it must be ensured that business or client functionality requirements have been fulfilled. Hence in the initiation phase, we begin with the requirement document. Its nigh engaging the business partner in assessing the security aspects and risk associated and at the same time what could be done so that the protection needs of the software can be covered. The business in nigh of the cases wouldnt be aware of technical aspects of SDLC and integration of security in it. Hence a set of questionnaires are developed with the sole purpose being the transfer of security related technical issues of the software to the client while keeping things i n the language of the business partner. The simpler language would enable developers in unraveling the security requirements of the proposed software. software program development in modern times is a combination of phases based on established norms. The concepts of software engineering as well testing is very useful when policies and standards are taken into consideration. Requirement judicial admission document must include the development sit down preferred like the waterfall model, liner model or spiral model etc. Use of automated audit history would also economic aid to manage the required changes as well analysis of the current stage of the development of the software. Identify relevant Regulatory, Compliance, and Privacy RequirementsIn this networked world, regulatory requirements have international implications. Service providers like www.amazon.com, www.ebay.com etc. have make their services available all across the world and hence they have to undertake both topical a nesthetic and international considerations for regulatory, compliance and screen requirements. In case of software for e-commerce, users are needed to provide their conviction card details and the CVV number. Now, in this case, the website would need SSL certificate from VeriSign. Hence identification of the applicable regulatory, compliance and privacy requirements become a necessity so that softwares portability could be without any physical and logical boundary.