检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:Kire Jakimoski Zorica Stefanovska Vekoslav Stefanovski
机构地区:[1]Faculty of Informatics,AUE-FON University,Skopje,Republic of North Macedonia [2]Sourcico,Tel Aviv,Israel
出 处:《Journal of Computer Science Research》2022年第2期31-41,共11页计算机科学研究(英文)
摘 要:Cybersecurity is a global goal that is central to national security planning in many countries.One of the most active research fields is design of practices for the development of so-called highly secure software as a kind of protection and reduction of the risks from cyber threats.The use of a secure software product in a real environment enables the reduction of the vulnerability of the system as a whole.It would be logical to find the most optimal solution for the integration of secure coding in the classic SDLC(software development life cycle).This paper aims to suggest practices and tips that should be followed for secure coding,in order to avoid cost and time overruns because of untimely identification of security issues.It presents the implementation of secure coding practices in software development,and showcases several real-world scenarios from different phases of the SDLC,as well as mitigation strategies.The paper covers techniques for SQL injection mitigation,authentication management for staging environments,and access control verification using JSON Web Tokens.
关 键 词:CYBERSECURITY Security risks Secure SDLC SQL injection Broken authentication Broken access control Mitigation practices
分 类 号:TP3[自动化与计算机技术—计算机科学与技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.28