Database and Application Security: A Practitioner’s Guide by R. Sarma Danturthi

Author:R. Sarma Danturthi
Language: eng
Format: epub
Publisher: Addison-Wesley
Published: 2024-02-15T00:00:00+00:00

The Software Development Process

Software development follows a lifecycle from collecting requirements at step zero to final deployment to decommissioning and throwing out the package when it gets old. This process is called the software development life cycle (SDLC). SDLC consists of several steps, groups of people, and different machines that develop, test, and then deploy the software. The code is also saved on a library or source code repository such as Visual Source Safe. Source code repositories not only show the final working version of the source code but they also have the source code stored at various stages of the SDLC and proper documentation on how the code started, changes made, and the versions created. SDLC follows these detailed steps:

Requirements collection: Before a software package is even thought of and designed, the basic step is to collect requirements for the software. Requirements indicate what the software is supposed to deliver, what inputs it would take, what operating system it will operate on, and other details. The requirement are further divided into functional requirements, user requirements, system requirements, and so on. Requirements are documented and approved before initiating an attempt to design the software. Also note that requirements documentation specifies individual requirements separately rather than combining more than one into a statement or creating vague statements.

An example of creating vague or complex requirement is as follows.

“The website allows end users to register with a username and password, checks usernames with existing usernames, rejects duplicates, hits for new names and lengthy passwords, and allows the user to search through the already-registered names.”

Notice that the statement is complex and can easily confuse a software designer. Instead, the sentence must be broken into different requirements.

New users must be able to register with a username and password.

Both usernames and passwords must have alphanumeric letters and numbers.

Usernames must not start with a number or a symbol.

If a requested username already exists, alternatives should be suggested.

Usernames cannot have duplicates in the registered usernames database.

Password lengths must be checked to have a minimum of eight characters.

Passwords must follow the organizational password policy. See the password policy document for more details on password complexity.

Requirements are usually documented as shown in Table 10-1, and many types of software programs exist to record requirements; Jama, Codebeamer, and Caliber are some examples. Requirements can even be in a simple Notepad file, but the document must clearly identify each requirement without any ambiguity. Most software packages also allow a complex requirement to be broken into subitems like the work development section items shown in Table 10-1.

Table 10.1 Example of Breaking a Complex Requirement into Individual and Simple Requirements

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.