Security Qualitative Metrics for Open Web Application Security Project Compliance | Zendy

Ferda Özdemir Sönmez | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

Security Qualitative Metrics for Open Web Application Security Project Compliance

Author(s) -

Ferda Özdemir Sönmez

Publication year - 2019

Publication title -

procedia computer science

Language(s) - English

Resource type - Journals

SCImago Journal Rank - 0.334

H-Index - 76

ISSN - 1877-0509

DOI - 10.1016/j.procs.2019.04.140

Subject(s) - computer science , web application security , software engineering , java , computer security , application security , secure coding , world wide web , software security assurance , information security , web development , web service , security service , programming language

The focus of this study is to find out repeatable features for large-scale enterprise web application production process related to based on OWASP security requirement list. As a result of a rigorous work including domain analysis for Java language and development frameworks and the examination of a large set of technical documents, 230 security qualitative metrics are discovered, under six categories. These security qualitative metrics are beneficial for security analysts as well as other parties such as designers, developers, and testers. The findings provide a developer/designer point of view and would help to make better decisions related to the environment set up, technology selection, and the architecture, design, and implementation details. As a result of this effort, the overall vulnerability level of the web applications would diminish significantly.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research