As society has entered the electronic age, software, which is considered the key factor in network and computer development, has become an integral part of everyday life. Millions of people may perform transactions through the internet, mobile phones, and ATMs, send e-mails, and handle word processing or spreadsheets for different purposes. In other words, networks and information have become completely intertwined with our daily lives. As IT advances, awareness of software security has therefore become a hot and serious topic. This paper comments on various aspects of it: at the beginning of the SDLC (System Development Life Cycle), how do designers analyze the functional and non-functional requirements and choose the proper development model? And which methods, white-box testing or black-box testing, do testing professionals use to test the software and discover vulnerabilities and flaws? The paper also gives some examples to demonstrate why software security is so important and what we should do to ensure it. In addition, the paper discusses the actions enterprises take to build a more secure network environment.
Cite this paper
C. Zhang, M. Zhou, Y. Xie and X. Li, "The Current and Future of Software Securities and Vulnerabilities," Journal of Software Engineering and Applications, Vol. 7 No. 1, 2014, pp. 1-5. doi: 10.4236/jsea.2014.71001