E Business Vs. E Commerce - 1552 Words

Introduction Today, it is hard to find a software that does not have some sort of access to users’ information; going from their name to their credit card information. In fact, with the evolution of technology (most importantly the increase in access to the internet), E-business or E-commerce has been pushed to a new level. Today, customers want to be able to access services at anytime, anywhere. This has led to the development of applications that can be executed on distributed environment or in real time such as Web based applications or a Client server application. Hence, secure software development is not an option but a must that software engineers have to put in practice so that data integrity can be guaranteed to users. The†¦show more content†¦As a consequence, an increasing number of users and organizations have expressed the need of more robust systems and applications. Hence, this fact implies incorporating an effective security stage into the development life cycle in order to be able to efficaciously assess security issues. Secure software development cycle not only encompass the development and the implementation of a software but, also the processes that guaranty that a piece of software meets its requirement while minimizing expositions to malicious threats that could expose users and minimizing the cost of development (Microsoft.com) Planning and requirements Requirement analysis is probably the most important and more complex process in the Software Development Life Cycle framework. In Secure software development, senior developers, together with stakeholders, not only discuss the fundamental of the SDLC such as project planning, assessing product feasibility studies and management requirements, but also define set of activities to formalize the security requirements for a specific product release (SafeCode source). These activities are defined using use cases, strategic company security policies, defined security improvement goals and customers’ inputs. This implies identifying functional and non-functional requirements and applying a high risk assessment on them in order to determine security risks and to prioritize security requirements as per threat and risk