Exploring Security in Software Architecture and Design - Advances in Information Security, Privacy, and Ethics
Latest Publications


Total documents: 12 (five years: 12)

H-index: 1 (five years: 1)

Published By IGI Global

9781522563136, 9781522563143

Author(s): Tosin Daniel Oyetoyan, Martin Gilje Jaatun, Daniela Soares Cruzes

Software security does not emerge fully formed by divine intervention in deserving software development organizations; it requires that developers have the required theoretical background and practical skills to enable them to write secure software, and that the software security activities are actually performed, not just documented procedures that sit gathering dust on a shelf. In this chapter, the authors present a survey instrument that can be used to investigate software security usage, competence, and training needs in agile organizations. They present results of using this instrument in two organizations. They find that regardless of cost or benefit, skill drives the kind of activities that are performed, and secure design may be the most important training need.


Author(s): Abdallah Soualmi, Lamri Laouamer, Adel Alti

In image watermarking, information is embedded in the original image for many reasons, such as ownership proofing, alteration detection, and/or fingerprinting, but it can also be used for real-time services such as e-payment, broadcast monitoring, and surveillance systems. For these, the data embedded must be extractable even if the image is manipulated intentionally or unintentionally. In contrast, robust techniques are the kind of watermarking that could assure the authenticity and protect the copyright. Many robust image watermarking approaches have been proposed in the last few years, and the purpose of this chapter is to provide a survey about recent relevant robust image watermarking methods existing in the literature.


Author(s): Gencer Erdogan, Phu H. Nguyen, Fredrik Seehusen, Ketil Stølen, Jon Hofstad, ...

Risk-driven testing and test-driven risk assessment are two strongly related approaches, though the latter is less explored. This chapter presents an evaluation of a test-driven security risk assessment approach to assess how useful testing is for validating and correcting security risk models. Based on the guidelines for case study research, two industrial case studies were analyzed: a multilingual financial web application and a mobile financial application. In both case studies, the testing yielded new information, which was not found in the risk assessment phase. In the first case study, new vulnerabilities were found that resulted in an update of the likelihood values of threat scenarios and risks in the risk model. New vulnerabilities were also identified and added to the risk model in the second case study. These updates led to more accurate risk models, which indicate that the testing was indeed useful for validating and correcting the risk models.


Author(s): Yun Shu, Jian Yu, Wei Qi Yan

In recent decades, internet auctions have become the most significant e-commerce business model worldwide. With the rapid rise of cloud computing over the last few years, the legacy online auction platform is gradually being replaced by service-oriented cloud computing in real time. This chapter describes the design and implementation of a stateful and high-performance online auction system over cloud and proposes the methodology to provide persistent state records during the auction process so that we are able to ensure the reliability of the submitted bid price and guarantee the security of the price message in the delivery process. The authors employ actor-based applications to achieve a stateful, parallel, and distributed architecture. Meanwhile, utilizing distributed databases provides secure and efficient data storage. To the best of the authors' knowledge, this is the first time that the actor framework has been applied to the online auction. The preliminary result is for implementation of high-performance and real-time bidding online auction.


Author(s): Kalle Rindell, Sami Hyrynsalmi, Ville Leppänen

This chapter describes a case of a large ICT service provider building a secure identity management system for a government customer. Security concerns are a guiding factor in the design of software-intensive products and services. They also affect the processes of their development. In regulated environments, development of products requires special security for the development processes, product release, maintenance and hosting, and also requires security-oriented management and governance. Integrating the security engineering processes into an agile development model is argued to have the effect of mitigating the agile methods' intended benefits. The project case was an effort of multi-team, multi-site, security engineering, and development work, executed using the Scrum framework and regulated by governmental security standards and guidelines. In this case research, the experiences in combining security engineering with agile development are reported, challenges discussed, and certain security enhancements to Scrum are proposed.


Author(s): Zhe Liu, Mee Loong Yang, Wei Qi Yan

In this chapter, the authors propose an improved image encryption algorithm based on digital watermarking. The algorithm combines discrete wavelet transform (DWT), discrete cosine transform (DCT), and singular value decomposition (SVD) together in a DWT-DCT-SVD framework to improve the robust watermarking technique. The secret image is embedded into both high-frequency and low-frequency sub-bands of the host image; this makes it difficult to be attacked in all the sub-bands. To reduce the size of a secret key, the authors use a logistic map to generate random images so as to replace the host images. They tested the algorithm by using five types of attacks and the results indicate that the proposed algorithm has higher robustness than traditional chaotic scrambling method and the DRPE method. It shows strong resilience against the five types of attacks as well as statistical attacks.


Author(s): Yun Shu, Jian Yu, Wei Qi Yan

Online auction is one of the most successful internet business models. However, auction fraud has become the highest threat and hazard to the future of this business model. The blockchain provides a new perspective to resolve this problem. It can be used for current financial services, certificates, remittances, and online payments; meanwhile it also provides several crucial services such as smart contract, smart property, trust system, and security services. This chapter discusses how to apply blockchain to a cloud-based online auction and the principle of operation. The purpose is to fundamentally solve the problem of online fraud caused by information asymmetry of electronic transactions. To the best of the authors' knowledge, this is the first time that the blockchain has been applied to authentication of online auction. The preliminary contribution is for preventing auction fraud from the aspects of smart properties and smart contract.


Author(s): Takanori Kobashi, Hironori Washizaki, Nobukazu Yoshioka, Haruhiko Kaiya, Takao Okubo, ...

Simply confirming potential threats and vulnerabilities in an early stage of the development process (e.g., the requirement or design phase) is insufficient because software developers are not necessarily security experts. Additionally, even if the software design considers security at an early stage, whether the software actually satisfies the security requirements must be confirmed. To realize secure design, the authors propose an application to design software systems with verification of security patterns using model testing. The method provides extended security patterns, which include requirement- and design-level patterns as well as a new designing and model testing process that uses these patterns. Once developers specify threats and vulnerabilities in the target system in an early stage of development, the method can verify whether the security patterns are properly applied and assess if the vulnerabilities are resolved.


Author(s): Nasser Al-Mur Al-Hadhrami

Incremental software development through the addition of new features and access rules potentially creates security flaws due to inconsistent access control models. Discovering such flaws in software architectures is commonly performed with formal techniques that allow the verification of the correctness of a system and its compliance with applicable policies. In this chapter, the authors propose the use of the B method to formally, and incrementally, design and evaluate the security of systems running under role-based access control (RBAC) policies. They use an electronic marking system (EMS) as a case study to demonstrate the iterative development of RBAC models and the role of the B language in exploring and re-evaluating the security of the system as well as addressing inconsistencies caused by incremental software development. Two formal approaches of model checking and proof obligations are used to verify the correctness of the RBAC specification.


Author(s): Basel Katt, Nishu Prasher

Security assurance is the confidence that a system meets its security requirements and is resilient against security vulnerabilities and failures. Existing approaches can be characterized as (1) qualitative in nature, (2) largely manual in how they achieve their goals, (3) very costly, (4) development-process oriented, and finally, (5) treating all security requirements within one domain equally for all applications regardless of the context. In this chapter, the authors propose a security assurance framework and its assurance evaluation process. The framework and process depend on quantitative security assurance metrics that were also developed. The proposed metric considers both the security requirements and vulnerability. Weight has been introduced to the security requirement metric to measure the importance of security requirements that need to be fulfilled. The framework with the proposed quantitative assurance metrics is evaluated and validated using two field case studies related to two operational REST APIs that belong to and are used by Statistics Norway.

