A Checklist Based Framework for Software Security Risk Management
As the security of software systems becomes increasingly important in the current era of e-commerce and e-governance, traditional approaches to software development should be supplanted by a formal approach to security in the software life cycle. Both a software security checklist and assessment tools should be incorporated into this life cycle process. This paper focuses on the development of a Security Checklist for the software life cycle. It includes the critical areas of requirements gathering and specification, design and code issues, and maintenance and decommissioning of software and systems.