0 votes
in Software Engineering by (user.guest)

1 Answer

0 votes
by (user.guest)
Best answer

Security can be incorporated into information system development through the adoption of security practices in the following areas:

  • Unique Security requirements for the system
  • Correct processing within applications
  • Cryptographic controls
  • Security of system files
  • Security in development and support processes
  • Technical vulnerability management.

These highlighted points are further explained below:

  • Information system security starts with the incorporation of security into the requirements process of the new information system. Security requirements are presented to the product owner during the requirements phase of the development. Testing is done after development to ensure that the finished product meets the required security requirements.
  • Accurate processing in applications helps to prevent errors and reduce loss, unauthorized modifications and misuse of information. Some coding techniques like validating input and output data, protecting message integrity as well as checking for processing errors can be put in place to improve the overall efficiency of the system.
  • Cryptographic controls provide a good way to protect the confidentiality, authenticity and integrity of information. Institutions deploying information systems must make use of encryption, including proper key management. Disk encryption is a way to protect stored data. Data being moved around can be protected from alteration and authorized viewing using SSL certificates issued by the Certificate Authority.
  • System files being used by applications must be protected in order to guarantee the integrity of the applications. Deploying technologies like version control, extensive testing tools, as well as some level of access control to program code are some effective ways to protect application data.
  • Security in development and support processes is an important part of software quality assurance. It involves the training and continuous oversight by the most experienced staff.
  • Applications need to be monitored and updated to withstand technical vulnerabilities. The main procedure for applying software updates includes the evaluation of the updates to determine their appropriateness, whether or not they can be removed successfully if something goes wrong.
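
The "correct processing within applications" point in the answer above, shown as an added example that is not part of the original answer: a handler that checks message integrity, validates input, checks its own processing result before committing, and signs its output. The transfer message layout, account-id format, amount limit and key are assumptions constructed for illustration.

```python
import hashlib, hmac, json, re
from decimal import Decimal, InvalidOperation

KEY = b"constructed-demo-key"              # constructed; real keys come from a key store
ACCOUNT_RE = re.compile(r"[A-Z]{2}\d{8}")  # assumed account-id format
MAX_AMOUNT = Decimal("10000.00")           # assumed per-transfer limit


def sign(body: bytes, key: bytes = KEY) -> str:
    """HMAC-SHA256 tag over the exact bytes that are sent."""
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def process_transfer(body: bytes, tag: str, balances: dict, key: bytes = KEY) -> dict:
    # 1. Message integrity: reject altered messages before parsing them.
    if not hmac.compare_digest(sign(body, key).encode(), tag.encode()):
        raise ValueError("integrity check failed")
    # 2. Input validation: type, format and range of every field.
    try:
        msg = json.loads(body)
        src, dst, raw = msg["src"], msg["dst"], msg["amount"]
        amount = Decimal(raw) if isinstance(raw, str) else None
    except (ValueError, KeyError, TypeError, InvalidOperation) as exc:
        raise ValueError("malformed request") from exc
    if not all(isinstance(a, str) and ACCOUNT_RE.fullmatch(a) for a in (src, dst)):
        raise ValueError("bad account id")
    if amount is None or not amount.is_finite() or not 0 < amount <= MAX_AMOUNT:
        raise ValueError("bad amount")
    if src == dst or amount != amount.quantize(Decimal("0.01")):
        raise ValueError("bad amount")
    if src not in balances or dst not in balances or balances[src] < amount:
        raise ValueError("transfer not possible")
    # 3. Processing check: work on a copy and commit only if the invariants
    #    hold (total money unchanged, no negative balance).
    new = dict(balances)
    new[src] -= amount
    new[dst] += amount
    if sum(new.values()) != sum(balances.values()) or min(new.values()) < 0:
        raise RuntimeError("processing check failed, nothing committed")
    balances.update(new)
    # 4. Output: built only from validated values, then signed for the receiver.
    out = json.dumps({"src": src, "dst": dst, "amount": str(amount)},
                     sort_keys=True).encode()
    return {"body": out, "tag": sign(out, key)}
```

The integrity check runs on the raw bytes before `json.loads`, so a message changed in transit is never parsed, and `balances` stays untouched whenever any check fails.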
