Abstract
The article proposes an overview of an information technology of software data security monitoring with the aim of increasing the security of auxiliary and end-user software in run-time using the designed universal architecture with the capabilities of synchronized data security validation processes in client-server interactions and integration into software development technologies using unified interfaces for specifying extensible sets of validation rules. An analysis of the subject area was conducted, during which it was established that the tasks of software data security validation are included in the requirements of well-known data security standards, and the related vulnerabilities are noted as highly important. It was also established that the traditional monitoring of only software input data is not enough, therefore the problem of security monitoring of various categories of software data is relevant. The capabilities of existing tools to monitor security and correctness of software data are incomplete: focus on certain categories of data, platform dependency, narrow integration capabilities with other software development tools, limited usage, complex or limited extensibility, difficult reuse of well-known verified solutions etc. Based on the analysis of the existing software data security monitoring tools, the cons of the existing implementations were identified, and a universal architecture of the software framework was proposed as a solution. The analysis of the vulnerabilities of various categories of software data was conducted along with the recommended methods of implementation of data security. Discovered methods of data security implementation were used in the proposed solution. The article examines the structure of the proposed information technology, provides the universal architecture of the software framework, demonstrates the verification of the work of the developed tool, and provides the assessment of the effectiveness of usage of the data security monitoring framework in software development. The proposed architecture and directions of further improvements of the framework allow significant extension of its functionality and easy integration into popular software development technologies. It is assumed that the developed information technology of software data security monitoring will be widely used in commercial software development as well as in educational and scientific appliance.
Published Version (
Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call