Implementation Phase Methodology for the Development of Safe Code in the Information Systems of the Ministry of Housing, City, and Territory

  • Conference paper
Computational Science and Its Applications – ICCSA 2018 (ICCSA 2018)

Abstract

In the modern age of the Internet and information technology, information security in software development has become a relevant issue for both public and private organizations. Considering the large budget that the nation must invest to prevent and repair computer attacks, the development of secure software in the Ministry of Housing, City, and Territory (MHCT) has become a need that must be addressed by the technology area. Since information is the most important asset of any organization, it is essential to build information systems with high levels of security, integrity, and reliability. We propose a methodology for the development of secure code, with the necessary procedures and guidance to prevent possible attacks on information security, aimed at covering the development phase in the process of creating information systems for the MHCT. This is a specific methodology derived from different methodologies that address this problem, which we compared and evaluated based on criteria that are relevant to the MHCT.



Corresponding author

Correspondence to Alix E. Rojas.


Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature


Cite this paper

Nivia, R.M., Cortés, P.E., Rojas, A.E. (2018). Implementation Phase Methodology for the Development of Safe Code in the Information Systems of the Ministry of Housing, City, and Territory. In: Gervasi, O., et al. Computational Science and Its Applications – ICCSA 2018. ICCSA 2018. Lecture Notes in Computer Science, vol 10961. Springer, Cham. https://doi.org/10.1007/978-3-319-95165-2_3

  • DOI: https://doi.org/10.1007/978-3-319-95165-2_3

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-95164-5

  • Online ISBN: 978-3-319-95165-2

  • eBook Packages: Computer Science (R0)
