Secure Web System Design & Development Coursework

Introduction:

As systems become more complex, the potential for security vulnerabilities being introduced increases. This means that if we are to provide any assurances about systems that we design and develop then we need some means for analysing, managing, and generally making sense of all the data that contributes to a system’s design to ensure such vulnerabilities are not unintentionally introduced. In this coursework you are required to design and develop a secure web-based system.

Task:

Design and develop a secure web-based system, incorporating end-point and communications security, and ensure its security is rigorously tested.You are required to develop the system and report the steps taken, the report should not be more than 2000-words. The first part of the report should cover the literature review on the following areas:

• Security within the software development lifecycle.
• Secure software engineering.
• Techniques for secure programming.
• Standards based approaches such as OWASP, CERT, SANS, Certification, threat modelling and STRIDE.
• Tools to aid secure software development.

When you do Programming you may consider the following steps:

• Code hardening techniques.
• Platform selection and development environments.
• Language specific issues.
• Incorporating access control.
• Authentication and trust
• Applied cryptography.
• Security protocols in programming.
• Programming for offensive and defensive cyber.
• Mobile device software.
• Current research in secure programming and future trends.
• Code analysis and testing: Code checking, static analysis, decompiling, dynamic analysis, sandboxing, runtime monitoring, fuzz testing.

Document your program in not more than 2000-word report showing all the steps taken in developing the system.

Programming Assignment Answers: Expert Answers on Above System Development

Introduction

With the development of new and complex systems, there are increasing chances of security vulnerabilities. The risk can be minimised through effective secure software development to a certain extent. The main focus of this project is on developing a secure web based system with integrated end point and communication security by way of following the best practices like CERT and SANS.

Security within the software development life cycle (SDLC)

Security is required to be considered at each and every phase of SDLC including requirements, design, implementation, testing, deployment and maintenance. The security challenges need to be identified in the requirement phase, and it can be possible to apply threat modelling to anticipate risks. Secured coding standards need to be applied along with performing vulnerability scanning, and hardening servers to ensure complete security.

Secure software engineering

Secure software engineering takes into account defensive programming, risk assessment and access control mechanisms in order to prevent any kind of data breaches. By utilising the principle of least privilege, it can be possible to achieve minimal exposure to threats.

Techniques for secure programming

The important techniques that can be applied for secure programming includes code hardening, access control and authentication, applying cryptography, secure communication and sand boxing and runtime monitoring.

Standards based approaches

Developers can make use of important frameworks like CERT secure coding standards, OWASP top 10 and SANS CWE to prevent common vulnerabilities such as XSS, SQL injection etc. 

Want a Full Worked Out Answer with References?

The post Secure Web System Design & Development Coursework appeared first on Assignment Help Singapore.