Framework for Secure Application Design and Development

The practice of secure application design and development is an important and necessary attribute of a secure computing environment. Applications that protect data from unauthorized access or modification and ensure its availability are key advantages to companies with physical and information assets that require such an environment. But, as crucial as this practice is, applications often are not being designed and developed with security in mind. As such, these applications are contributing to the burgeoning miasma of potentially insecure interconnected systems providing an open door to the possible compromise of companies' sensitive and valuable information or systems. In order to produce robust and secure applications that enable and promote a secure computing environment, developers must know and adhere to some fundamental tenets of security doctrine. The goal of this paper in one reference work is to: . . . Illustrate the importance of secure application development. Provide background/history on why this practice is not as pervasive as it should be today. Present a framework to assist developers in the practice of secure application design and development.