Context: The most important non-functional requirement of the software application is the security. Developing Secure Software is a challenging Process. Software vulnerabilities and defects may disclose by developers, users, hackers due to Software-intensive systems get connected more and more in every day’s lives. A better way to develop secure software is, enhance security processes in all the phases in SDLC. To enhance security in SDLC process required lots of mechanisms and systematic measures to assess the security during the development process. Objective: In this paper, we propose a method “Security aware-Software Development Life Cycle (Sa-SDLC) using Security Patterns”. We also measure our security efforts in SDLC. This method fills the insecurity gaps from root level to top level in Granular style approach. Our method is suggestible for security critical applications such as Medical, Finance, Legacy and Communication (Messaging like email) Systems. Results: we successfully implemented our approach on remote health monitor since IoT devices are convenient in everyday life, these devices are using in home, environment, healthcare due to its feasible networking, storage and process features etc. In IoT health care applications, security of the sensitive data is paramount since humans are part of the IoT platform. IoTs heterogeneous network connectivity and expected growth, opens many new threats and attacks which impacts on life of a patient. Conclusion: Hence, our proposed methodology is implemented on Security Essential IoT based health care application and measures shows our method is improved software security
Towards Developing Secure Software Using Problem-Oriented Security Patterns
