NDLI logo
  • Content
  • Similar Resources
  • Metadata
  • Cite This
  • Log-in
  • Fullscreen
Log-in
Do not have an account? Register Now
Forgot your password? Account recovery
  1. Proceedings of the 2016 New Security Paradigms Workshop (NSPW '16)
  2. A case for the economics of secure software development
Loading...

Please wait, while we are loading the content...

I'm not sure if we're okay: uncertainty for attackers and defenders
Harvesting the low-hanging fruits: defending against automated large-scale cyber-intrusions by focusing on the vulnerable population
Cross-layer personalization as a first-class citizen for situation awareness and computer infrastructure security
Cybersecurity as a Politikum: implications of security discourses for infrastructures
Content-based security for the web
Trusted execution environment-based authentication gauge (TEEBAG)
Rethinking operating system design: asymmetric multiprocessing for security and performance
Searching for software diversity: attaining artificial diversity through program synthesis
A case for the economics of secure software development

Similar Documents

...
Secure software engineering teaching modules

Article

...
When Security meets Software Engineering: A Case of Modelling Secure Information Systems. Information Systems

Article

...
S2D-ProM: A Strategy Oriented Process Model for Secure Software Development

Article

...
Reusing security solutions: a repository for architectural decision support

Article

...
Synthesis of secure software development controls

Article

...
Tracking requirements and threats for secure software development

Article

...
Case Base for Secure Software Development Using Software Security Knowledge Base

Article

...
Economic and financial analysis of investments in information security

Article

...
Security engineering towards building a secure software.

A case for the economics of secure software development

Content Provider ACM Digital Library
Author Simpson, Andrew Heitzenrater, Chad
Abstract Over the past 15 years the topic of information security economics has grown to become a large and diverse field, influencing security thinking on issues as diverse as bitcoin markets and cybersecurity insurance. An aspect yet to receive much attention in this respect is that of secure software development, or 'SWSec' --- another area that has seen a surge of research since 2000. SWSec provides paradigms, practices and procedures that offer some promise to address current security problems, yet those solutions face financial and technical barriers that necessitate a more thorough approach to planning and execution. Meanwhile, information security economics has developed theory and practice to support a particular world-view; however, it has yet to account for the investments, constructs and benefits of SWSec. As the frequency and severity of computer misuse has increased, both areas have struggled to impart a new mindset for addressing the inherent issues that arise in a diverse, connected and functionality-driven landscape. This paper presents a call for the establishment of an economics of secure software development. We present the primary challenges facing practice, citing relevant literature from both communities to illustrate where commonalities lie --- and where further work is needed. Those challenges are decomposed into a research agenda, deriving from the application of principles in both themes a lack of models, representation and analysis in practice. A framework emerges that facilitates discussions of security theory and practice.
Starting Page 92
Ending Page 105
Page Count 14
File Format PDF
ISBN 9781450348133
DOI 10.1145/3011883.3011884
Language English
Publisher Association for Computing Machinery (ACM)
Publisher Date 2016-09-26
Publisher Place New York
Access Restriction Subscribed
Subject Keyword Secure software engineering Information security investment Software security economics
Content Type Text
Resource Type Article
  • About
  • Disclaimer
  • Feedback
  • Sponsor
  • Contact
  • Chat with Us
About National Digital Library of India (NDLI)
NDLI logo

National Digital Library of India (NDLI) is a virtual repository of learning resources which is not just a repository with search/browse facilities but provides a host of services for the learner community. It is sponsored and mentored by Ministry of Education, Government of India, through its National Mission on Education through Information and Communication Technology (NMEICT). Filtered and federated searching is employed to facilitate focused searching so that learners can find the right resource with least effort and in minimum time. NDLI provides user group-specific services such as Examination Preparatory for School and College students and job aspirants. Services for Researchers and general learners are also provided. NDLI is designed to hold content of any language and provides interface support for 10 most widely used Indian languages. It is built to provide support for all academic levels including researchers and life-long learners, all disciplines, all popular forms of access devices and differently-abled learners. It is designed to enable people to learn and prepare from best practices from all over the world and to facilitate researchers to perform inter-linked exploration from multiple sources. It is developed, operated and maintained from Indian Institute of Technology Kharagpur.

Learn more about this project from here.

Disclaimer

NDLI is a conglomeration of freely available or institutionally contributed or donated or publisher managed contents. Almost all these contents are hosted and accessed from respective sources. The responsibility for authenticity, relevance, completeness, accuracy, reliability and suitability of these contents rests with the respective organization and NDLI has no responsibility or liability for these. Every effort is made to keep the NDLI portal up and running smoothly unless there are some unavoidable technical issues.

Feedback

      Sponsor

      Ministry of Education, through its National Mission on Education through Information and Communication Technology (NMEICT), has sponsored and funded the National Digital Library of India (NDLI) project.

      Contact National Digital Library of India
      Central Library (ISO-9001:2015 Certified)
      Indian Institute of Technology Kharagpur
      Kharagpur, West Bengal, India | PIN - 721302
      See location in the Map
      03222 282435
      Mail: support@ndl.gov.in
      Sl. Authority Responsibilities Communication Details
      1 Ministry of Education (GoI),
      Department of Higher Education
      Sanctioning Authority https://www.education.gov.in/ict-initiatives
      2 Indian Institute of Technology Kharagpur Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project https://www.iitkgp.ac.in
      3 National Digital Library of India Office, Indian Institute of Technology Kharagpur The administrative and infrastructural headquarters of the project Dr. B. Sutradhar  bsutra@ndl.gov.in
      4 Project PI / Joint PI Principal Investigator and Joint Principal Investigators of the project Dr. B. Sutradhar  bsutra@ndl.gov.in
      Prof. Saswat Chakrabarti  will be added soon
      5 Website/Portal (Helpdesk) Queries regarding NDLI and its services support@ndl.gov.in
      6 Contents and Copyright Issues Queries related to content curation and copyright issues content@ndl.gov.in
      7 National Digital Library of India Club (NDLI Club) Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach clubsupport@ndl.gov.in
      8 Digital Preservation Centre (DPC) Assistance with digitizing and archiving copyright-free printed books dpc@ndl.gov.in
      9 IDR Setup or Support Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops idr@ndl.gov.in
      I will try my best to help you...
      Cite this Content
      Loading...