Software Security Design and Testing

Elektroninen kaupankäynti ja pankkipalvelut ovat herättäneet toiminnan jatkuvuuden kannalta erittäin kriittisen kysymyksen siitä, kuinka näitä palveluja pystytään suojaamaan järjestäytynyttä rikollisuutta ja erilaisia hyväksikäyttöjä vastaan.

E-commerce, M-commerce and electronic banking has introduced a growing concern about information system security. The main questions from the point of information system developer and application provider is how these critical information systems can be secured against all types of compromises in the future, where electronic transactions are playing the leading role.There has not been much research in the field of Software Security Engineering. System developers have used to pay a little or no concern for system security and this has made the information systems vulnerable for all types of attacks. The insecurity of information systems prevents the acceptance of information systems in critical applications and delays the pace that new information systems for security critical applications can be introduced to the global markets. This insecurity of information systems has also allowed a new growing business that is selling security related applications for system developers and application providers.Information systems can be developed to be secure, if all product development phases are committed in a systematic way, same time considering security aspects and implications of the information system. This research work studies all relevant phases for System Security Engineering and gives a basis for secure application development.