A Study on the Challenges of Human-Centric Cyber-Security and the Guarantee of Information Quality  

作　　者：Mohammed Hussein Kurdi Mohsen Denden David Paul Mohammed Hussein Kurdi;Mohsen Denden;David Paul(Department of Cyber-Security, National Events Center, Riyadh, Saudi Arabia;Department of Computer and Information Technologies, Technical College of Telecommunication and Information Riyadh TCTI, Technical and Vocational Training Corporation TVTC, Riyadh, Saudi Arabia;Department of Computer Science, Higher Institute of Applied Sciences of Sousse, University of Sousse, Sousse, Tunisia;School of Science & Technology, University of New England, Armidale, Australia)

机构地区：[1]Department of Cyber-Security, National Events Center, Riyadh, Saudi Arabia [2]Department of Computer and Information Technologies, Technical College of Telecommunication and Information Riyadh TCTI, Technical and Vocational Training Corporation TVTC, Riyadh, Saudi Arabia [3]Department of Computer Science, Higher Institute of Applied Sciences of Sousse, University of Sousse, Sousse, Tunisia [4]School of Science & Technology, University of New England, Armidale, Australia

出　　处：《Journal of Information Security》2024年第2期218-231,共14页信息安全（英文）

摘　　要：Information security and quality management are often considered two different fields. However, organizations must be mindful of how software security may affect quality control. This paper examines and promotes methods through which secure software development processes can be integrated into the Systems Software Development Life-cycle (SDLC) to improve system quality. Cyber-security and quality assurance are both involved in reducing risk. Software security teams work to reduce security risks, whereas quality assurance teams work to decrease risks to quality. There is a need for clear standards, frameworks, processes, and procedures to be followed by organizations to ensure high-level quality while reducing security risks. This research uses a survey of industry professionals to help identify best practices for developing software with fewer defects from the early stages of the SDLC to improve both the quality and security of software. Results show that there is a need for better security awareness among all members of software development teams.Information security and quality management are often considered two different fields. However, organizations must be mindful of how software security may affect quality control. This paper examines and promotes methods through which secure software development processes can be integrated into the Systems Software Development Life-cycle (SDLC) to improve system quality. Cyber-security and quality assurance are both involved in reducing risk. Software security teams work to reduce security risks, whereas quality assurance teams work to decrease risks to quality. There is a need for clear standards, frameworks, processes, and procedures to be followed by organizations to ensure high-level quality while reducing security risks. This research uses a survey of industry professionals to help identify best practices for developing software with fewer defects from the early stages of the SDLC to improve both the quality and security of software. Results show that there is a need for better security awareness among all members of software development teams.

关 键 词：Cyber Security Development Methodology Information Quality Human-Centric SDLC Quality Assurance 

分 类 号：TP3[自动化与计算机技术—计算机科学与技术]