企业应用软件开发安全体系的构建

针对企业应用软件设计与开发过程中所需考虑的安全性问题,构建一套企业内部适用的应用软件开发安全体系.通过剖析企业应用软件常见漏洞防护技术,依照应用软件开发生命周期流程,从设计安全、编码安全、过程管理安全等方面重新梳理、补充企业应用软件开发安全体系的框架.考虑体系框架下对应安全要求,为了方便指导应用软件设计人员、代码开发人...

Construction of enterprise application software development security system

Aiming at the security problems that need to be considered in the process of enterprise application software design and development,this paper constructed a set of application software development security system suitable for enterprise.This paper analyzed the common vulnerability protection technologies of enterprise application software,according to the application software development life cycle process,reorganized and supplemented the framework of enterprise application software development security system from theaspects of design security,coding security,and process management security.Considering the corresponding security requirements under the framework of the system,in order to facilitate the guidance of application software designers and code developers,and improve the security capability of application software,the paper proposed a security system of enterprise application software development including technical requirements.The construction of enterprise application software development security system can help to reduce the software defects,prevent enterprise application software security vulnerabilities from being exploited by hackers,so as to avoid the possible serious or even catastrophic consequences.