IJEME Vol. 13, No. 2, 8 Apr. 2023
Cover page and Table of Contents: PDF (size: 290KB)
Full Text (PDF, 290KB), PP.36-42
Views: 0 Downloads: 0
Security, Secure Software Development, Mobile Application Development, CIA, SDLC
With the high mobile phone penetration and subsequent significant usage of mobile phone applications, mobile users have become prime targets of hackers. Secure Software Development (SSD) advocates incorporating security aspects at the initial stages of software development. This study proposes a novel Mobile Application Development Lifecycle by reviewing SSD concepts and incorporating these concepts into MADLC- a mobile-focused software development lifecycle to create a security-aware Mobile Application Development Lifecycle (sMADLC). The proposed development lifecycle, sMADLC, can potentially help mobile application developers create secure software that can withstand hacker aggression and assure mobile application users of the confidentiality, integrity and availability of their data and systems.
Anthony Wambua Wambua, Gabriel Ndung’u Kamau, "Security-aware Mobile Application Development Lifecycle (sMADLC)", International Journal of Education and Management Engineering (IJEME), Vol.13, No.2, pp. 36-42, 2023. DOI:10.5815/ijeme.2023.02.05
[1]W. Bank, "World Development Report 2016," in "Digital Dividends," DC, 2016.
[2]G. Van Noort and E. A. Van Reijmersdal, "Branded apps: Explaining effects of brands' mobile phone applications on brand responses," Journal of Interactive Marketing, vol. 45, pp. 16-26, 2019.
[3]Y. Elsantil, "User perceptions of the security of mobile applications," International Journal of E-Services and Mobile Applications (IJESMA), vol. 12, no. 4, pp. 24-41, 2020.
[4]R. Bitton, A. Finkelshtein, L. Sidi, R. Puzis, L. Rokach, and A. Shabtai, "Taxonomy of mobile users' security awareness," Computers & Security, vol. 73, pp. 266-293, 2018/03/01/ 2018, doi: https://doi.org/10.1016/j.cose.2017.10.015.
[5]K. Qian, D. Lo, R. Parizi, F. Wu, E. Agu, and B. T. Chu, "Authentic Learning Secure Software Development (SSD) in Computing Education," in 2018 IEEE Frontiers in Education Conference (FIE), 3-6 Oct. 2018 2018, pp. 1-9, doi: 10.1109/FIE.2018.8659217.
[6]R. Cope, "Strong security starts with software development," Network Security, vol. 2020, no. 7, pp. 6-9, 2020.
[7]A. Kaur and K. Kaur, "Suitability of existing software development life cycle (sdlc) in context of mobile application development life cycle (madlc)," International Journal of Computer Applications, vol. 116, no. 19, 2015.
[8]K. Rindell, S. Hyrynsalmi, and V. Leppänen, "Aligning security objectives with agile software development," presented at the Proceedings of the 19th International Conference on Agile Software Development: Companion, Porto, Portugal, 2018. [Online]. Available: https://doi.org/10.1145/3234152.3234187.
[9]T. Vithani and A. Kumar, "Modeling the mobile application development lifecycle," in Proceedings of the International MultiConference of Engineers and Computer Scientists, 2014, vol. 1, pp. 596-600.
[10]A. Kumar and T. Vithani, "A comprehensive mobile application development and testing lifecycle," in 2014 IT Professional Conference, 2014: IEEE, pp. 1-27.
[11]N. Ivaki and N. Antunes, "SIDE: Security-aware Integrated Development Environment," in 2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW), 12-15 Oct. 2020 2020, pp. 149-150, doi: 10.1109/ISSREW51248.2020.00056.
[12]R. Goel, "Secread: Security-Aware Requirements Elicitation, Assessment And Design Methodology," MNIT, Jaipur, 2018.
[13]H. Assal and S. Chiasson, "'Think secure from the beginning' A Survey with Software Developers," in Proceedings of the 2019 CHI conference on human factors in computing systems, 2019, pp. 1-13.
[14]A. Wambua and B. Maake, "Characterizing Software Quality Assurance Practices in Kenya," International Journal of Software Engineering and Computer Systems, vol. 8, no. 1, pp. 22-28, 2022.
[15]L. Shanmugam, S. F. Yassin, and F. Khalid, "Incorporating the elements of computational thinking into the Mobile Application Development Life Cycle (MADLC) model," Int. J. Eng. Adv. Technol, 2019.
[16]Microsoft. "Microsoft Security Development Lifecycle (SDL)." https://www.microsoft.com/en-us/securityengineering/sdl/ (accessed July 5, 2022).
[17]G. McGraw, "Software security," Building security in, 2006.
[18]A. Hudaib, M. Alshraideh, O. Surakhi, and M. Alkhanafseh, "A Survey on Design Methods for Secure Software Development," International Journal of Computer and Technology, vol. 16, pp. 7047-7064, 12/10 2017, doi: 10.24297/ijct.v16i7.6467.