Can anyone send me all the answers of "Great Expectations" Reference to the context?
Answers
Answer:
The most of security flaws discovered in applications and system were caused by gaps in system development methodology. In order to cover this problem, it will be presented aspects of security development process improvement along product/project life cycle, in particular covering the best practices for Security Requirements Analysis.
Introduction
Nowadays, the information security is demanding a great attention due to a large number of discovered vulnerabilities in the applications/systems announced as secure. It is well known it is very hard to build an application with no bugs and/or security breaches, nevertheless, the companies cannot give up improving development processes and adapting them to the current scenarios.
Besides the several publications of academic researchers and industries about the importance of security practices in the System Development Life Cycle (SDLC), there is a paradox for implementation. Most of development centers fail to apply the recommendations due to resistance to new processes and mindset adaptation. It also common the engineers and developers are resistant to accept their applications are subject to security flaws.
Even the development teams understand the importance of new security paradigm for SDLC, although, they are concerned about it, unfortunately, this is not enough. In order to reach the security goals, it is necessary a detailed and deeply knowledge on security procedures and techniques. A comprehensive Security Policy (SP) is the most important reference to guide a security development and all hardware engineers, developers, application architects, software engineers, testers and project leaders must see it as a law. It establishes rules for all development phases: requirements, design/architecture, implementation, testing and maintenance, and shall define the responsibilities for all roles involved in development process. Also, establish rules for requirements phase must attend the security principles, such as information security, integrity, privacy, confidentiality, Information availability, continuity, based on environment and public threats to the system. Certainly, process and its implementation require preparation time and a detailed planning.
This presentation will cover the Security Aspects on Requirements Analysis, the first step of SDLC. This is the proper step to identify and define the security specification targets, the necessary methods for the system and how important these activities are. Next, a discussion about security principles that support Requirements Elicitation, analysis and specification disciplines is brought to the audience. Of course, a model must be flexible to fit all needs and it will be presented hints on how to adapt the Security Requirements Modeling and, finally, a practical case of study will be presented to demonstrate the concepts in practical way.
Heyy....r u a NCTzen cuz I noticed ur pfp is Lucas which is my bias too :))
r u interested to be friends with u? ^~^