Networking and Communication Engineering

Open Access Open Access  Restricted Access Subscription Access
Open Access Open Access Open Access  Restricted Access Restricted Access Subscription Access

The Network Security Assessment Instrument to Reduce Software Security Risk


Affiliations
1 Dept of IT., Gurunank Engineering College, an NBA Accredited College Located in Ranga Reddy Dist, Hyderabad, Ibrahimpatnam, India
2 Department of Information Technology, JNTU University, Gnec, Hyderabad, Andhra Pradesh, 501510, India
     

   Subscribe/Renew Journal


The network security assessment instrument is a comprehensive set of tools that can be used individually or collectively to ensure the security of network aware software applications and systems. Using the various tools collectively provide a distinct advantage for assuring the security of software and systems.Each tool’s resulting output provides feedback into the other tools.Thus more comprehensive assessment results are attained through the leverage each tool provides to the other when the are employed in concert. This project presents a portion of a research project on the generation of the network security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles.

The portion, the flexible modeling Framework (FMF), has promise in the areas of network security as well as other critical areas such as system safety.

Software Security is a major concern due to the risk to both controlled and no controlled systems from potential lost or corrupted data, theft of information, and unavailability of systems, especially mission critical systems,

This research examines formal verification of IT security of
network aware software and systems through the creation of a security assessment instrument for the software development and maintenance life cycle.
The network security assessment instrument is composed of 5 parts:
1. A Vulnerability Matrix
2. Additional Security Assessment Tools (SATs)
3. A Property Based Testing (PBT) Tool, and
4. A Flexible Modeling Framework (FMF)
5. A Software Security Checklist
The vulnerability contains vulnerability descriptions and the code used to exploit them.
The SATs are a collection of tools available to test for potential weaknesses of software code. The PBT tool performs formal verification of properties at the code level. Like the PBT tool, the FMF formally verifies properties over the system.
The FMF performs this action at the abstract level when code may or may not yet exist.

The SSC will provide software code developers with another instrument for writing secure code for network aware applications


Keywords

Additional Security Assessment Tools (SATs), Flexible Modeling Framework (FMF), Property Based Testing (PBT) Tool, Software Security Checklist (SSC), and Vulnerability Matrix.
User
Subscription Login to verify subscription
Notifications
Font Size

Abstract Views: 223

PDF Views: 2




  • The Network Security Assessment Instrument to Reduce Software Security Risk

Abstract Views: 223  |  PDF Views: 2

Authors

N. Prasanna Balaji
Dept of IT., Gurunank Engineering College, an NBA Accredited College Located in Ranga Reddy Dist, Hyderabad, Ibrahimpatnam, India
U. Sreenivasulu
Department of Information Technology, JNTU University, Gnec, Hyderabad, Andhra Pradesh, 501510, India
Ganji pramod
Department of Information Technology, JNTU University, Gnec, Hyderabad, Andhra Pradesh, 501510, India

Abstract


The network security assessment instrument is a comprehensive set of tools that can be used individually or collectively to ensure the security of network aware software applications and systems. Using the various tools collectively provide a distinct advantage for assuring the security of software and systems.Each tool’s resulting output provides feedback into the other tools.Thus more comprehensive assessment results are attained through the leverage each tool provides to the other when the are employed in concert. This project presents a portion of a research project on the generation of the network security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles.

The portion, the flexible modeling Framework (FMF), has promise in the areas of network security as well as other critical areas such as system safety.

Software Security is a major concern due to the risk to both controlled and no controlled systems from potential lost or corrupted data, theft of information, and unavailability of systems, especially mission critical systems,

This research examines formal verification of IT security of
network aware software and systems through the creation of a security assessment instrument for the software development and maintenance life cycle.
The network security assessment instrument is composed of 5 parts:
1. A Vulnerability Matrix
2. Additional Security Assessment Tools (SATs)
3. A Property Based Testing (PBT) Tool, and
4. A Flexible Modeling Framework (FMF)
5. A Software Security Checklist
The vulnerability contains vulnerability descriptions and the code used to exploit them.
The SATs are a collection of tools available to test for potential weaknesses of software code. The PBT tool performs formal verification of properties at the code level. Like the PBT tool, the FMF formally verifies properties over the system.
The FMF performs this action at the abstract level when code may or may not yet exist.

The SSC will provide software code developers with another instrument for writing secure code for network aware applications


Keywords


Additional Security Assessment Tools (SATs), Flexible Modeling Framework (FMF), Property Based Testing (PBT) Tool, Software Security Checklist (SSC), and Vulnerability Matrix.