Professional Documents
Culture Documents
Zhou 2022 J. Phys. Conf. Ser. 2173 012041
Zhou 2022 J. Phys. Conf. Ser. 2173 012041
He Zhou
School of Computer and Information Engineering, Nanchang Institute of Technology,
Nanchang, Jiangxi 330044, China
*
corresponding author’s e-mail: 51001202@qq.com
Abstract. With the rapid development of network technology, software security has
attracted more and more attention. Based on the software security lifecycle presents an
improved suitable for small and medium-sized enterprise software security development
process, make the software safety to cover the whole software life cycle, improve the level
of safety of encoding software. The model used in the software development phase, test
phase and release phase three software security key technologies are studied and discussed
in detail. In addition, it also designed a software security development management
platform, the software development process so that the model can better apply to the actual
enterprise to the platform. After a number of units for a period of time of trial, get a better
evaluation of the households.
Keywords. Software security; key technology; development; network
1. Introduction
The software product with everything else, but also through birth, birth, growth, maturity, decline
stage, in software engineering we commonly known as the software life cycle [1]. Through the whole
life cycle of software is divided into several stages, each stage has a clear mandate, the scale is big,
easy to control and management of complex software the development and management of the
complex [2]. Usually, the software life cycle including feasibility analysis and development plan,
requirement analysis, design, encoding, testing, maintenance and other activities, these activities can
be in a proper way assigned to different stages to complete [3]. This method divided the process is a
principle, in software engineering, which follow the prescribed order step by step, each stage, have
defined work, review, document for communication or for reference, in order to improve the quality of
software.
This stage is to discuss the software development and demand, mainly to determine the
development goals and the feasibility of the software [4]. The feasibility study is usually the feasibility
of the project report to top management for software development funds, usually from the economic,
business or organization, and technology in project feasibility assessment. In addition, feasibility to
continue the project tracking and research progress of information management system of the
evaluation team also can be used as a reference [5]
In the software development is feasible; the detailed analysis of the various functions of the
software needs to realize [6]. The demand analysis stage is a very important stage, this stage is well
done, will be a good foundation for the software development project success lay. "The only constant
is change itself, the same." demand is constantly changing during the whole process of software
development and in-depth, so we must make changes in demand plan to deal with this change, in order
to protect the smooth progress of the project.
Content from this work may be used under the terms of the Creative Commons Attribution 3.0 licence. Any further distribution
of this work must maintain attribution to the author(s) and the title of the work, journal citation and DOI.
Published under licence by IOP Publishing Ltd 1
ICMSOA 2021 IOP Publishing
Journal of Physics: Conference Series 2173 (2022) 012041 doi:10.1088/1742-6596/2173/1/012041
This stage is mainly based on the results of requirement analysis, the design of the function and
operation of the entire software system, such as system framework design, database design, user
interface layout, business rules, and system flow and so on. At the end of this period, we will make the
whole system design described as a series of modules or subsystems of software design [7]. Generally
divided into the overall design and detailed design for each demand system, will be on or make a
prototype system to produce one or more key points of the design. The software design phase is a
crucial stage in the whole software life cycle. In the design stage if there is some design errors later, in
the software you want to restore the price is very expensive. And good software design for software
programming and lays a good foundation.
To go through rigorous testing in the software design is completed, to found in the whole design
process of software problems and correct. The whole test process is divided into three stages of unit
testing, assembly test and system test. The test methods include white box testing and black box
testing in two. In the course of the testing a detailed test plan and test strictly according to the test plan,
test to reduce the randomness.
2
ICMSOA 2021 IOP Publishing
Journal of Physics: Conference Series 2173 (2022) 012041 doi:10.1088/1742-6596/2173/1/012041
Most programmers think in the preparation of the program the program is run in a way. In fact, the
modern computer is very fast in task switching, in multi-core, multi or distributed system, often have a
time to happen at the same time the exact time. Between the programming ideas and the real situation
of existence a lot of program weaknesses. These security vulnerabilities by thread, process, time, and
state between the non expected interaction caused.
3
ICMSOA 2021 IOP Publishing
Journal of Physics: Conference Series 2173 (2022) 012041 doi:10.1088/1742-6596/2173/1/012041
4
ICMSOA 2021 IOP Publishing
Journal of Physics: Conference Series 2173 (2022) 012041 doi:10.1088/1742-6596/2173/1/012041
3.2. The function, principle, method and condition of developing multimedia technology
Persistent XSS vulnerability is usually more serious. When kept in the server stored in the database
such as persistent attacker submitted data, then the data is not verified displayed on other users usually
may access the page, will be stored in persistent XSS vulnerabilities. A typical example is that if an
online forum allows users to use directly in the code at the post, it will cause persistent XSS
vulnerabilities, because online forum posting is usually stored in the database, and posting content can
be all users to see. A big problem existing in software security is that many software systems do not
have a good sense of safety in the construction process. Software developers mostly take a better
attitude; will focus more on the repair of software security issues, rather than an effort to create safe
software from the beginning.
Even some software developers have a misunderstanding on software security issues, often the
safety investment used in the procurement of equipment such as firewall, old for protection from the
network layer attacks, leaving only the security of the software itself for the rest. In fact, the statistical
data presented show that only the attack is realized by network protocols or hardware vulnerabilities,
and the hacker attacks on the application layer, the use of software security vulnerabilities exist in the
attack. For these attacks using software vulnerabilities, security devices in the network layer can play a
protective role. Only the safety investment against a possible attack this is also the reason that some
software security is poor as shown in figure 4.
5
ICMSOA 2021 IOP Publishing
Journal of Physics: Conference Series 2173 (2022) 012041 doi:10.1088/1742-6596/2173/1/012041
4. Discussions
Although the enterprise in the software development process for software security problems have been
more and more attention, but the application of the software security development process is still not
ideal. The survey report pointed out that the scale of the enterprise is one of the important factors that
influence the enterprise whether the security development process in the software development
process. At present, several major software security development process needs large resources of
large enterprises, they can afford more safety tools and safety activities overhead for funds, the lack of
human resources of small and medium enterprises to say, application software security development
process, there is still a significant obstacle. Therefore, it is necessary for the lack of resources of small
and medium sized enterprises some consider must optimize the software security development process.
On the basis, the process is simplified, a better applied to the lightweight software security
development process of small and medium enterprises, and the first two chapters put forward dynamic
watermarking based on dynamic data dependence graph, software protection technology of dynamic
security analysis of dynamic data dependence and some other existing software security technology
based on the combination of. Has the same security as the core, to software security coverage to the
characteristics of each stage of the software life cycle.
And different, involving safety software security development process proposed by this paper, is not
fully in accordance with the order, but there is overlap in time, in order to save time and cost. We also
emphasize the use of free security tools, and security tools for automatic configuration, a part of the
regular automatic safety activities the work, save money, time and manpower. Software security
development process is the goal of software security issues in the design and implementation of the
reduction in the software development life cycle as early as possible during the macro grasp of
software safety in the whole process of software development, improve software security, severity
reduce the impact of any security issues not found in the software.
5. Conclusion
The work of this paper is the first from the two aspects of copyright protection and security
vulnerabilities summarizes the security threats facing the software. In order to make the software to
deal with current security threats, it is necessary to improve the safety awareness in the process of
software development, software in the whole life cycle of software safety concerns, improve safety
software products. Based on the software security development processes are introduced, and they are
compared and analyzed. Then the current software security development process mainly needs more
resources based on small and medium enterprises, barriers to the status quo in the application process,
based on software security development life cycle forward improved suitable for small and medium
6
ICMSOA 2021 IOP Publishing
Journal of Physics: Conference Series 2173 (2022) 012041 doi:10.1088/1742-6596/2173/1/012041
enterprises software development process, software security is able to cover the entire software life
cycle, save enterprise security Total cost, improve the level of software security. The software security
development process based on the improved design and implementation of a software development
management platform, the purpose is to enable enterprises to better in the software development
process of application software security development process, the software development process of
effective management, as far as possible early discovery and repair security vulnerabilities in the
software, security the final software was significantly improved. The platform after a number of units
for a period of time after the trial, get a better evaluation.
Acknowledgement
Project Fund: Collaborative Education by the Ministry of Education, Fund No. 202101196010,
Application of Network Crawber in Big Data Teaching.
References
[1] Evren G 2016 Preparation for Central Common Examination is not a Torment but Fun Procedia
Social and Behavioral Sciences 232(24) 47-56
[2] Hu Y N 2017 Research on the Application of Fault Tree Analysis for Building Fire Safety of
Hotels Procedia Engineering 135(1) 45-6
[3] Flaherty G T 2016 Research on the move: the potential applications of mobile health
technology in travel medicine Journal of Travel Medicine 23(6) 49-55
[4] Maja S J, Radmila B, Bojan L 2016 A Proposal for Research Framework Based on The
Theoretical Analysis and Practical Application of MLQ Questionnaire Conomic Themes 4(4) 5-
6
[5] Petros T, ikolaos S 2016 Editorial to the IFSET Special Issue “Advances in research
and applications of nonthermal technologies for food processing and preservation” based on
the 2015 International Nonthermal Processing Workshop Innovative Food Science and
Emerging Technologies 38(1) 220-7
[6] Pattanapong W 2016 Errors in translation made by English major students: A study on types
and causes Kasetsart Journal of Social Sciences 783(26) 89-102
[7] Agnes A O 2017 The Abolishment of Colleges and its Implications on ELT in Nigeria Procedia
- Social and Behavioral Sciences 232(24) 567-9