An Approach be Operational Security in 3 and 4 Phases of Developing Software Systems

Document Sample
An Approach be Operational Security in 3 and 4 Phases of Developing Software Systems Powered By Docstoc

                                                              (IJCSIS) International Journal of Computer Science and Information Security,
                                                              Vol. 10, No. 7, July 2012

       An Approach be Operational Security in 3 and 4 Phases of
                   Developing Software Systems
                  Saman Aleshi                                   Nasser Modiri                                      Hossein Fruzi
    Dept. Department of Electrical and Computer    Dept. Department of Electrical and Computer       Dept. Department of Electrical and Computer
      Islamic Azad University, Zanjan Branch         Islamic Azad University, Zanjan Branch            Islamic Azad University, Zanjan Branch
                   Zanjan, Iran                                   Zanjan, Iran                                      Zanjan, Iran

    Abstract Security in today's software applications because raw             The U.S Department of Defense announced that the number of
    data acquisition system at the lowest level, the position is very          computers with security gaps 88% and 96% of these
    important however, part of the development application under               computers however are not aware of this defect
    consideration is the security and therefore also delirium costs have       [18].consequently IT will play a major role inhuman life if its
    to using and user. Security is essential in software development
                                                                               security is provided. Failures in IT security result not only in
    because the resource is protected to the integrity, availability and
    privacy of data guarantee. There are different models and                  destroying its enormous benefits but also in changing into a
    standards for information security. PSSS is one of those models            life threatening factor [10].
    specialized for providing security tasks in PSSS, as an efficient             IT is made up of various sectors such as human resource,
    software security model, in order to map in along with other               hardware, software, data, equipment and communication
    security models and standard for 3 and 4 phases of software                protocols, electronic and electric devices and so on. Dealing
    development, ensuring safety of task performance in the phases.            with all of the sectors is beyond the scope of this paper. We
                                                                               will focus on application software.
    Keywords - IT (Information Technology), IT security, Security                 Security like reliability or efficiency is one of the non-
    Models and Standards and their limitations.                                functional properties of the system. IT defines one of the
                           I.    INTRODUCTION                                  attributes of the system which reflects its capability to protect
                                                                               itself against intentional a or unintentional external attacks,
    Information which can be in various forms is the great asset an            hide the nature of information or resources, Prevent
    organization or business owns and is of vital importance, like
                                                                               unauthorized access to disclose private information; and data
    other assets. Because it is shared among the parts of an
                                                                               and resource reliability [7].
    organization or business, it causes great concern. Therefore, it
                                                                                  Security is defined as the situation in which a person is
    needs ways for protection. In particular, in environments
    where business interactions are growing and data are shared it             proceed from risks, threats and damages coming from social
    assumes great importance. Thus, the increased information                  life. Security is a fundamental, relative and stable need which
    dissemination subjects the information to a variety of threats             according to different view, can be to different extent and
    and damages [20].                                                          degree. In principle it is hard to identify, evaluate and
    Progresses in the field of IT and communications and                       implement security in a system [20]. According to Devanbu
    innovations resulting from it have increased productivity and              security, like beauty, is in the eye of the beholder [11].
    lead to emergence of new types of services. With the                          Information security is the protection of information against
    improved ever increasing power, capacity and price of micro                a wide range of threats in order to ensure continuity of
    electronic equipment which have led to the about 30 percent                business, minimize business risks and investment
    make it possible for all people to take advantage of this                  opportunities. Information security is achieved by
    technology. Today we live in a communication costs are                     implementing a set of effective controls including policies,
    falling.                                                                   processes, procedures, organizational structures and software
    And, the world people increasingly exchanging and                          and hardware functions [1].
    information and communication systems, attacks and threats                    Security has access to data at the lowest level and shares
    against such systems have increased as well. Security is                   them among user in various sectors. Sharing information,
    considered as one of the key issues raised while developing                however, causes excessive concern in organizations because
    the systems [2]. The number of these attacks are so high that,             security and protection are the key elements of sharing data.
    over the past years, more than 3500 annual damages have been               Applications can have a lot of gaps in different sectors [13].
    reported to Computer Emergency Readiness Team/                             Less experienced programmers, software at the risk of abuse,
    Coordination Center (CERT/CC) also, around 140000 security
                                                                               unskilled individuals lacking necessary skills or resources for
    events were presented to the center. The events happened were
                                                                               testing software are some of the reasons that have increased
    so great that CERT stopped publishing the statistics in 2004.
                                                                               the number of gaps [12]. That s why security, especially for

                                                                                                          ISSN 1947-5500

                                                            (IJCSIS) International Journal of Computer Science and Information Security,
                                                            Vol. 10, No. 7, July 2012

    large organizations and corporations with data of critical             providing a comprehensive framework for evaluating security
    importance has caused concern. On the other hand, software             engineering activities to concentrate requirement for
    users and developers are mostly businessmen, not                       implementing of IT security. Different models and standards
    professionals. Therefore information security is not of concern        such as GMITS, NIST HANDBOOK, and BS7799 are derived
    to them and they overlook it [3].                                      from this model [14].
       Secure software is software that cannot be forced to perform            ISO/IEC 27002: this standard provides guidelines and
    unwanted tasks. Security at software can be considered from            general principles of starting, running, maintaining and
    two perspectives. First perspective relates to development of          improving information security management in an
    the software and creation of a safe environment to keep it. The        organization. Control objectives and controls considered in
    second perspective is about the development of software itself         this standard to meet the needs identified in risk to developing
    in a safe manner. Therefore, security is considered at different       organizational security standards and to effective security
                                                                           management practices in order to make inter-organizational
    phases of software development [17].
                                                                           activities reliable [1].
    Software development is composed of the following phases
                                                                               Operationally Critical Threat, Asset, and Vulnerability
                                                                           Evaluation (OCTAVE) Model: this model focuses on the
       Initial Phase: during this phase, all the necessary                 risk analysis of information technology assets and practical
    requirements for design or purchase of the system are                  solutions for reducing risk factors through overcoming
    determined and fully understood.                                       discovered security flaws. OCTAVE is designed for
                                                                           organizations that want identify what their information needs
       Development/Acquisition Phase: In this phase, functional            to be secure [19].
    and technical needs are mapped into information system                     ISO/IEC 15408: this standard having considered the
    programs.                                                              results of security assessment, this standards permit
                                                                           comparison. To do so it prepares a set of requirements for
       Implementation/Assessment Phases: In this stage, all                security function of IT products and system. And its standard
    tasks performed in analysis and design phases are mapped into          ensures their use according to security assessment.[16]
    readable codes for computer by developers and programmers.                 Team Software Process-security (TSP-Security) Model:
                                                                           This is one of the specialized models focusing on software
        Operation/Maintenance Phases; this stage, involves all             security. Software Engineering Institute (SEI) and Team
    activities required to keep the system functions in good               Software Process (TSP) are a set of operational process for use
    condition; these activities include wpkeeping the hardware and         by software development teams. TSP is a set of processes t
    reducing application faults.                                           help develop software. It also shows how to do things step by
                                                                           step and how to assess the completed task. To create security
       Disposal phase: In this stage, the system is replaced by            while developing software, SEI has added issues related to the
    another one or its feature is not needed any more.                     security of software development cycle to TSP [9].
      There are several models used to create information or                   Process to Support Software Security (PSSS) Models:
    software security. In this paper we aim to map one of these            Process to Support Software Security (PSSS), as a perspective
    models specialized in creating security for software and giving        on security engineering is associated with software
    better results in comparison with other models and standards-          development. This relation aims to improve the efficiency of
    into software development phase; accordingly the software              security projects by means of a set of activities in
    safety would be acceptable after it is created.                        aforementioned models and standards; accordingly developing
      The activities that will be done in this paper are as follows:       and organizing behaviors at time of software development, it
    section II deals with measures taken in the field of software          deals with common problems and limitations of information
    and information security and limitation of those measures. In          security model [21].
    the III section considering the current models and standards           PSSS has two important parts: Security Engineering and
                                                                           Security Auditing. Based on the goals followed by software
    the reason for which the issue of security is reconsidered is
                                                                           development, security engineering is to establish contact with
    presented. The proposed framework is presented in section IV.
                                                                           business plans and strategies, to monitor project in order to
    The tasks that need to be perfumed in the third and fourth
                                                                           archive security goals. Security audit is responsible for
    phases of software development are given in sections V and             ensuring whether software development is in compliance with
    VI results and conclusion of the study will be give in section         PSSS or not.
    VII and the references in the last section.                            This individual verity the impact of PSSS programs. For
                        II.   COMPLETED TASKS                              example, they state the results of activities and achievements in
                                                                           certain circumstances. A series of activities that should be done
    Tasks performed to create security for software and                    in PSSS are as follows:
    information will be summarized below.                                           Planning security
       Security System Engineering           Capability Maturity                    Assessing Security Vulnerability
    Model (SSE-CMM): a reference model is a process of                              Security risk model

                                                                                                       ISSN 1947-5500

                                                            (IJCSIS) International Journal of Computer Science and Information Security,
                                                            Vol. 10, No. 7, July 2012

             The impact of risk assessment                                  A. Software Security needs a serious consideration
             Identifying security risks                                        The losses suffered by countries, companies and
             Specifying security needs                                         organization for software intrusion and damage are too
             Providing security information                                    costly. For one thing, the additional costs for U.S.
             Verifying and validating security                                 government potential attacks on critical infrastructure
             Managing security                                                 remain a serious concern. New automatic attack requires
             Monitoring security behavior                                      no human action to deliver4 destructive play loads, causing
             Ensuring security                                                 major concerns. In 2004 over 140000 attacks were reported
    Other standards can be added to these models and standards in              to CERT which is due to holes in software and networks
    the field of information security. In addition to models and               from 1999 to 2003(see figure 1).
    standards used in the field of information security, there are
    other pieces of software such as firewall, Intrusion Detection               6000
    Protect (IDS) or other applications like them that protected
    software data after it is created. Simply put, they enhance                  4000
    software security [15].
    But it still isn t easy to use these models and standards for the            2000
    following reasons [21]:
         The limitation of SSE-CMM: it is a complicated model                        0
     because it does not perform all tasks the system needs.
     Furthermore it does not explain how to perform the processes                         1999     2000      2001      2002       2003
     in the areas mentioned. Thus, it is hard to apply and                                       Figure 1: Holes reported by CERT CC
     implement this model.
         The limitation of ISO/IEC 27002: it includes a large                  security holes, if any, can have adverse effects on software,
     number of security controls executed in different processes of            e.g. , negative effect on the reliability
     various organizations. Also, it does not demonstrate how to
     execute security control in the best way, not specifying a
     standard.                                                              B. To develop security software is complex
         The limitation of OCTAVE: It tasks a self-directed                    Computer science is very extensive. For instance when you
     approach. Simply put, an individual from the organization                 combine two or more parts of a software to each has
     assumes responsibility for setting up, implementing and                   certain security characteristics the combined results should
     controlling security.                                                     not demonstrate security characteristics. To do so you need
         The limitation of ISO/IEC 15408: Due to its complex                   careful analyses.
     relationship which entails specialized knowledge, it is costly
     and time consuming. Moreover, it focuses only on certain                  When developing software with high quality, you need
     software products and overlooks the interrelationship                     educated and experienced personnel.
     between other software products.
                                                                            C. It s hard to define secure software in general
         The limitation of TSP-Security: First of all, its use
     requires investment in training and software developers                   The first necessity for software to be safe is defining
     should have necessary training for using this model.                      necessary specifications and properties. Security, it is
     Accordingly, the TSP use demands senior and project                       necessary to implement the specifications accurately.
     manager s support. Besides, for most organization, effective              What kind of security and privacy are required, what are its
     TSP use requires that the management and technical culture                costs and risk? These questions are hard to answer;
     and character be able to perform technical tasks carefully and            technical judgment does not help. Because it requires you
     consistently, the leadership be sustained, be a driving force             to view it from management and marketing perspective. In
     behind making TSP team self-directed.                                     particular, when customers don t have great interest in it or
         The limitation of PSSS: Identification and understanding              they have to pay for it, such view can be helpful.
     software property, lack of specialized knowledge for                      Finally, developing software with the qualities of privacy,
     functionality in all activities associated with threat model and          integration and appropriate accessibility which entails the
     need for more resources necessary for effective PSSS                      above-mentioned problems has made defining a security
     function.                                                                 software challenging.

               III.   CRUCIAL IMPORTANCE OF SECURITY                        D. Why are not the existing approaches in wide use?
    In addition to limitation and problems that were described                 Cost and needs are among the greatest hurdles in the way
    above for the models and standards, here, we will discuss the              of an organization which cause concerns when creating
    problems demanding that security be considered all the time,               security software, though there exits other reasons such as
    though there are models and standards for this purpose.                    users comfort, quick supply, more functionality and so on.

                                                                                                       ISSN 1947-5500

                                                                (IJCSIS) International Journal of Computer Science and Information Security,
                                                                Vol. 10, No. 7, July 2012

       After the customers and users awareness increased,                       phase will be impossible. According, after the software
       security was in great demand. But it s not paying the costs              development phases have been completed, the product will be
       of security.                                                             secure software.
       According to Microsoft reports, 20% of the security faults               In this paper, security tasks mentioned id [21] along with other
       are due to its design. To avoid such issues specialized skill            security issues associated security models and standards are
       and knowledge for security and design are required.                      divided into groups. Phases of software development are show
                                                                                in [22]. Grouped tasks are so that tasks of each group are
                                                                                consistent with one of the phases of software development. In
                     IV.    PROPOSED FRAMEWORK                                  fact, each group contains a set of security tasks that should be
    In comparison with the methods and standards for software                   done in a phase of software development. Each of these along
    products security, as PSSS focuses on security in a specialized             with a set of tasks necessary for software development is
    manner, it has particular importance. And because it has                    described and continued. Finally, after the end of each phase,
    produced satisfactory results, in parts put into use PSSS has               the product is compared against security standards. If security
    attracted importance. Other methods and have rudimentary                    is acceptable, we will enter the next phase. This procedure is
    conceptual foundation and don t put much emphasis on                        followed in the other phases. On the other hand, if the product
    designing and analyzing phases, not producing the same                      isn t security measures will be tightened.
    results as PSSS. However, PSSS has its own disadvantages
                                                                                Besides the things that to establish security in software are
    that were mentioned above [5].
                                                                                described, Output that each task security must have, Work
    Software development cycle has phases which the input of
                                                                                independently parallel to the security task, And work-related
    each phase is the output of previous phase. So, if we can deal
                                                                                security tasks that must be done to increase security in this
    with security issues in each phase besides software
                                                                                article is also shown. Figure 2 is as a schematic of tasks that to
    development, it is possible to produce secure software. In each
                                                                                be done, show in this paper
    phase, there are criteria and parameters associated with
    security which should be met; otherwise transition to next

                                                Topics related to software development
                       First of Phases                                                         Activities for software development

                                                                                   Completion of software development
                   Topics related to security



                                                                                           End of phase and go to next phase

                                                            Figure2. The Proposal Framework

                                                                                   Output: the result of activities done are demonstrated which
    This paper describes activities to tighten software security-                   creates a situation to elicit proposals and comments on the
    besides; the output of these activities, activities dependent on                past and future activities.
    and independent from these security activities are also                        Synchronization: activities that should be performed at the
    included in the paper.                                                          same time with those to tighten security are necessary.
        The initial phase: at this stage in the project, how to                    Interdependence: key interdependence besides other
    initiate the activities are demonstrated                                        necessary tasks is identified to make sure that
        Software development activities: activities and tasks                       coordinating security activities have no negative effect on
         performed to develop software.                                             other processes of IT.
        Description: activities and tasks to tighten security are                  In phase safe?: The situation is reviewed to see whether
         identifies and described.                                                  the software has lived up to the expectations or not.

                                                                                                              ISSN 1947-5500

                                                              (IJCSIS) International Journal of Computer Science and Information Security,
                                                              Vol. 10, No. 7, July 2012

        End of the phase and going into next phase: at this stage,                     Issues arising during the installation should be
         the software is developed safely and it can enter into the               evaluated for inclusion into contingency plans based on the
         next phase.                                                              potential for reoccurrence.
       In next section, we present the tasks should be performed in                    During the system installation ISSO should make sure
    the first, second, third, fourth and fifth phase according to                 that controls are located in place and configured properly
    framework offered in the present section. Accordingly when                    and deliver the verified list to the system owner and AO.
    we complete a phase, it can enter into the next phase safely.               d. Interdependence
                                                                                  Changes to the core security documents should be updated.
                 IMPLEMENTATION/ASSESSMENT PHASE                              C. Assessment of system security
    Necessary tasks of the phase are as follows:                                a. Description
                                                                                   System development or changes in hardware, software, or
                                                                                 how they interact must be validated before evaluation. The
    A. Creating a detailed plan for C&A                                          purpose of security assessment processes is to validate that
      a. Description                                                             the system is consistent with functional and security
        AO is responsible for risks to the system. There is a                    requirements and it has an acceptable level of security risk.
      relation between risks and final operation of the system. If               Security controls should be done. Before the initial
      there are undetected risks to the system, they can cost an                 operation, security endorsement should be issued to the
      arm and leg to the system later. There for, AO is required                 extent controls are implemented, operations are confidence.
      until the risks are fully identified. Combining changes                    Finally, the desired results are achieved and evaluated. Also,
      needed during the planning stage as required, risk                         periodic testing and assessment of security controls in
      identification makes it easy a simple to select resource.                  information ensure efficiency of security controls, security
        AO and development team should cooperate in: solving                     validation may discover and describe gaps in the
      problems relating to test results and data in the system; how              information system. With efficiency of security controls and
      the changes should be made; how these changes should be                    information system gaps made clear, we have essential
      reflected in the environment; and how a secure working                     information for authorities to issue permits necessary to fill
      group working        that can include people such as users,                the gaps.
      managers, plan supporting , administrational including                    b. Output
      A&C, and system analyzer- can be formed.                                     Security assessment packs include reports for security
      b. Output                                                                  assessment, POA&M and updating system security plans.
        Initial work plan: planned documents identify key roles,                c. Synchronization
      project limitations, main parts scope of the test, and a degree             Results of validation packs are issued in written form for
      of accuracy.                                                              owners of the system, ISSO and system administrators and
      c. Synchronization                                                        assessment results are shared among them.
        Informing AO about the things, ISSO system owner s                      d. Interdependence
      complete and present documents required C&A initiation                      All previous steps are followed.
      and conduct.
      d. Interdependence
                                                                              D. Authorizing information systems
        Planning for assessment of security controls extracts
      necessary information from documents or scheduled                         a. Description
      meeting.                                                                    To process, save and transfer information security
                                                                                authorization of security systems are required, these
                                                                                permissions issued by security authorities are to state that
    B. Integration of security into the system or established                   security controls are checked. Decision on security
        environment                                                             certificates is risky and it is heavily dependent on testing
      a. Description                                                            results and security assessment produced during processes of
         Operation integration tasks place at the operational site              security control verification licenses are as allows:
      when information systems are expanded for an operation.                        To complete system security plans
      After information systems are delivered and installed,                         The results of testing and security assessment
      integration and acceptance testing occur. When security                        POA&M
      controls are included in the developer s instructions,                    b. Output
      guidelines will be available for implementing security,                        Authorized security decisions will be documented and
      offering documented security specifications.                                   transferred from authorizing officials to system owner
      b. Output                                                                      and ISSO.
             Verification of a list of operations of security controls.              Final security authorization package
             Completion of system documents.                                    c. Synchronization
      c. Synchronization

                                                                                                         ISSN 1947-5500

                                                            (IJCSIS) International Journal of Computer Science and Information Security,
                                                            Vol. 10, No. 7, July 2012

           Statistics for inventory and reports of the system should               Updated security documentation (System security plan
           be updated to reflect a valid condition.                                and POA&M)
           If the system is valid, CPIC activities will be reflected               Security assessment of documentation changed in the
      d.   Interdependence                                                         system.
           Security documentation and budget are updated                      c. Synchronization
           according to the results.                                               Security documentation should be updated at least once
           The structure of information systems is validated.                      year become of the marked changes.
                                                                                   CM documentation should provide continuous
                                                                                   monitoring plan for the system.
                                                                              d. Interdependence
                                                                                Security architecture should provide key details of security
                                                                              services to components which is used as a criterion for
      Tasks necessary for tightening security in this phase will be
                                                                              effective evaluation of planned changes
    presented below:

                                                                            C. Monitoring the results continuously
    A. Review of operational readiness
                                                                              a. Description
      a. Description                                                            The ultimate goal is continuous monitoring. It guarantees
        In many cases that systems are transferred to production
                                                                              effective monitoring when there are inevitable cases needing
      environment, unplanned changes are drastic, security controls
                                                                              security control. Good management and design of continuous
      are modified or integrated although these steps may not be
                                                                              monitoring processes can lead to reduction of risks
      always required, they can reduce risks, if any.
                                                                              effectively by meeting all of the requirement. Monitoring the
      b. Output                                                               efficiency of security controls continuously can be done
        If there are changes in the system, the implications for
                                                                              using various methods such as security check, self-
      security are examined.
                                                                              assessment, configuration management and security
      c. Synchronization                                                      assessment and testing
        System administrator and ISSO and the owner of system
                                                                              b. Output
      confirm that system operations are consistent with security                  Results of documented continuous monitoring
      needs. Changes observe at the last moment are dangerous for                  Review of POA&M
      the system and should be verified by the system owner.                       Security review, metrics, assessments, security analysis
      d. Interdependence                                                           trend.
           Review of operational readiness which is complement to
                                                                                   Updating security documentation and decision on
           C&A processes ensures that the changes already made                     validation.
           will eliminate potential risks.
                                                                              c. Synchronization
           Any changes in security controls should be reflected in
                                                                                Continuous monitoring should be regulated so that the risk
           security documentation.
                                                                              level may become lower significantly. Therefore, security
                                                                              controls are changed, increased or discontinued.
    B. Control and management of the configuration performed                  d. Interdependence
      a. Description                                                            Continuous monitoring enables system owners to update
        Efficiency of management control of the organizations                 reports of security assessment; they use a right tool for
      configuration and reflected methods are necessary in order to           monitoring the products continuously which is based on the
      take security impact into due consideration with regard to              security plans of information systems.
      changes in information systems or their surrounding
      environment. Management and configuration control                                     VII. RESULT AND CONCLUSION
      methods provide initial baseline for hardware, software or
      programs which are always in the memory. This baseline is                Activities stated in this paper were done to design, implement
      essential to information systems. Subsequent changes in the           and execute software for management of a three-star HOTEL .
      system will be controlled and maintained.                             Results achieved for implementing the software and using the
        Documentation of changes in information systems and                 tasks suggested in the paper are summarized below:
      assessment will have a major effect on maintenance of the                   Raising awareness of importance of security in software
      validation. When important and essential inputs are combined             development, using a self-oriented process, based on well-
      with be followed effectively. According, the ability of an               known security methods.
      organization to identify considerable changes facilitates the               It has been defined as a factor of the assessment and
      control of system security and the impact of security. This              evaluation of vulnerability, threat, impact and security risk in
      helps to make sure of assessment and testing.                            each phase of software development based on security
      b. Output                                                                measures.
           Decisions of Change Control Board (CCB)

                                                                                                        ISSN 1947-5500

                                                                       (IJCSIS) International Journal of Computer Science and Information Security,
                                                                       Vol. 10, No. 7, July 2012

          Showing the importance and necessary of the assessment                       [16] Zeinab Moghbel, Nasser Modiri, , A Framework for Identifying Software
                                                                                       Vulnerabilities within SDLC Phases , (IJCSIS) International Journal of
      necessary to security , based on vulnerability, threat, the                      Computer Science and Information Security, 2010, vol 9
      impact on and security risk to information;                                       [17] James E. Purcell, Defining and Understanding Security in the Software
          Emphasize on importance of security tests, as a criterion                    Development Life Cycle , 2007
      for assessment and approval of security, is a permanent and                      [18] last visit: September 2011
                                                                                       [19] last visit: September 2011
      continuous activity which depends on verification of security                    .[20] Gilbert, Chris, 2003 11, Guidelines for an Information Sharing Policy,
      requirements.                                                                    SANS Institute - USA, version 1
          It states a need for formal definition of processes to                       [21] Francisco José Barreto Nunes1, Arnaldo Dias Belchior, PSSS - Process to
      ensure that the established security acceptable.                                 Support Software Security , XXII Simpósio Brasileiro de Engenharia de
                                                                                       Software. Oct 2008, 4th.
    In the end, we want to review what have been done in this
    paper. In first section, the reasons for the interest in the security
    were offered. What have been done in this regard and the
    limitations were stated in second section. In third section, we
    stated that considering available models and standards, security
    should be given more attention. In fourth section, we suggested
    a framework that we want to map PSSS into phases of software
    development with this framework. PSSS is specialized in
    development secure software. Section V and VI presented the
    tasks that should be performed within the proposed framework
    for 5phase software development. The results of action within
    this framework to produce the software for the management of
    3-star hotel are presented in section 10.
    [1] Iranian national institute for industrial research, 2007, IT-security
    techniques- Information security management Function, Tehran, iran, 1st
    [2] extension of RUP for development of secure system, Hamidreza baghi,
    Puya Jaferian, gholnaz sadeghian, computer engineering and IT school, Amir
    kabir technical university, annual conference of Iranian computer sociery 2004.
    [3] security measures for non-agent defence in IT environment, MA thesis,
    higher Education school, Tehran jonob Azad university 2009.
    [4] a framework assessment of detect and gaps in software application, Esmat
    Ali Mohammad, MA thesis, higher Education school, Tehran shomal Aazad
    university, 2009
    [5] Security software architecture engineering, Nasser Modiri, mehreghan-e-
    Ghalam publication, Tehran, Iran, 1st volume
    [6] Noopur Davis, Michael Howard, Watts Humphrey, 2004, Processes to
    Produce Secure Software , National Cyber Security, Volume 1
    [7] Al Azzazi Ahmad, El Sheikh Asim, Security Software Engineering: Do it
    the right way , Conf. on Software Engineering, Parallel and Distributed
    Systems, 2007, 6th, 5.
     [8] Joint endeavor by Information Assurance Technology Analysis Center
    (IATAC) with Data and Analysis Center for Software (DACS), 2007, Software
    Security Assurance State-of-the-Art Report (SOAR), Woodland Park Road,
    First Publication.
    [9] Watts S. Humphrey, November 2000, the Team Software Process (TSP),
    Carnegie Mellon University USA, 1
    [10]A.Kumar,K.Negrat,A.M.         Negrat,and      A.Almarimi,      A     Robust
    Watermarking using Blind Source Separation , Proceedings of world academy
    of science, engineering and technology ,vol.28,April 2008.
    [11] Barnum, S.; McGraw, G., Knowledge for software security , Security &
    Privacy IEEE, March-April 2005, Volume: 3, Issue: 2,
    [12] Gilliam, D.P, Security Risks: Management and Mitigation in the Software
    life cycle , IEEE International Workshops on Enabling Technologies:
    Infrastructure for Collaborative Enterprises (WETICE'04), 2005, 13th, 6
    [13] Yasar, A.-U.-H.; Preuveneers, D.; Berbers, Y.; Bhatti, G.; Reported
    flaws in Common Vulnerabilities and Exposures Database , Multitopic
    Conference, 2008. INMIC 2008. IEEE International, Dec 2008, 11,
    [14] Hopkinson John P. the Relationship between the SSE-CMM and IT
    Security Guidance Documentation , Principal Engineer, Security Architect
    EWA, 1999, 18
    [15] David Gilliam, John Powell, Eric Haugh, Matt Bishop, Addressing
    Software Security and Mitigation in the Life Cycle Software Engineering
    Workshop, 2003. Proceedings. 28th Annual NASA, 8494821, Page 201 206

                                                                                                                      ISSN 1947-5500