Question

In: Computer Science

Why is building security into the SDLC important?


Solutions

Expert Solution

The Software Development Life Cycle (SDLC) is a process used by the software industry to design, develop and test high-quality software. The SDLC aims to produce high-quality software that meets or exceeds customer expectations and reaches completion within time and cost estimates.

It consists of a detailed plan describing how to develop, maintain, replace and alter or enhance specific software. The life cycle defines a methodology for improving the quality of software and the overall development process.

The SDLC contains several stages:

1. Research and Analysis – It all starts here. SDLC begins with gathering information from all stakeholders who will benefit from the new application, answering questions such as, “What is the problem at hand?” and “What are the requirements?” In the research phase, it’s critical to gather as many facts as possible, especially with requirements. For example, the application may need specific user permissions in the code that grant “super user” rights to some and not all.

2. Design – Design occurs after all of the requirements and wish list items of the research phase have been addressed and documented. This kicks off when the application developer creates the app layout as well as the other code needed to create app functionality. There are times when the developer hits a roadblock where certain requests can’t be addressed or another functionality should be considered. When this happens, it’s the developer’s responsibility to be sure the applicable stakeholders who created the requirements list are aware of the issues. The developer will need to gather more research.

3. Testing – Developers perform a Unit Test of the application. After the app passes Unit Testing, it moves to IT QA for testing. If no internal QA is in place, the potential end users have to test the app. This is called User Acceptance Testing. In either phase of testing beyond Unit Testing, it’s important that any bugs or functionality issues are well documented. Documented issues have to be addressed by the developer, corrected, and regression tested. All testing is done in a non-production environment. No live data is affected during testing.

4. Implementation – Depending on the application and other infrastructure at hand, implementation can be an intricate process. The application code is copied from the testing environment to the production environment. Even when implemented, the application often needs more testing to make sure all is functioning as designed and all requirements are met.

5. Support and Evolution – During this phase it is important to have all proper personnel in place to handle any issues that may arise after the app has been implemented. This occurs usually when larger user groups are trained on the new application. Sometimes new users will attempt to do things the app isn’t designed to do. It’s up to the support team to educate the users on the functionality and proper use. Granted, other scenarios may arise that may be a legitimate bug in the app. Hopefully this doesn’t occur often, but if it does the support team has to address the issue accordingly. The developer will need to be involved so outstanding issues are addressed and resolved. Additional testing will have to be conducted before implementing the updates.

SDLC is important not only when building software; it also helps after publishing.

