Imagem da capa

Um modelo complementar para aprimorar a segurança da informação no SDLC para dispositivos móveis: SDD - security driven development

The increasingly wide and intense use of mobile devices - whose processing and storage capacity grows almost overcoming the desktops - exposes greatly issues relating to information security in this environment. This is a worrying fact. However, the models currently found in the literature and used...

ver descrição completa

Autor principal: Paulo, Luis Gonzaga de
Formato: Dissertação
Idioma: Português
Publicado em: Universidade Tecnológica Federal do Paraná 2016
Assuntos:
Software - Desenvolvimento
Software - Proteção
Proteção de dados
Hackers
Computação
Computer software - Development
Software protection
Data protection
Computer hackers
Computer science
CNPQ::CIENCIAS EXATAS E DA TERRA::CIENCIA DA COMPUTACAO
Acesso em linha: http://repositorio.utfpr.edu.br/jspui/handle/1/1895
Tags: Adicionar Tag
Sem tags, seja o primeiro a adicionar uma tag!
Resumo: The increasingly wide and intense use of mobile devices - whose processing and storage capacity grows almost overcoming the desktops - exposes greatly issues relating to information security in this environment. This is a worrying fact. However, the models currently found in the literature and used by software industry in developing mobile applications with the highest information security requirements are not yet answering users’ needs for more security, and may be improved adding specific methods or techniques, sometimes already used in desktop - or not mobile ones - applications development. This work proposes to insert information security approach early in the software development life cycle using threats and vulnerabilities study, the early application of abuse case - also called misuse cases, the risk analysis, the risk based security test and the use of attack machines in the development process. To reach the research goal, this work analyzed usual models used on SDLC from the information security point of view, and presents a new approach thru the use of a security driven development complementary model. The work also presents some templates and uses a case study for apply the concepts and evaluate the main contributions discussed in the text, also as the preliminary results obtained on the research.

Registros relacionados