Overview

Security of software products during both development and operations is vital and can affect national security. The security control baseline selected is therefore the "high-impact" baseline in NIST 800-53, based on the criteria in NIST 800-60, which states that a loss of confidentiality may "result in major financial loss; or (iv) result in severe or catastrophic harm to individuals involving loss of life or serious life threatening injuries" (NIST, 2008, p. 10). The high-impact security controls require implementation during the entire software lifecycle, from the development stage through to the end of the disposal stage.

The software engineering process is complex, and modern methods use Application Lifecycle Management (ALM) tools, which are unified project management packages specialized to facilitate the complete lifecycle (Gomede, Da Silva, & de Barros, 2015). Software development methodologies can be modeled as discrete phases or integrated into a continuous delivery process. An ALM package should be flexible and adaptable to any major software design methodology (Inflectra, 2018b). The following are the major phases in the software lifecycle (Inflectra, 2018a):

  • Planning: requirement specification analysis
  • Development: coding the software package
  • Testing: quality and security analysis
  • Deployment: installation, configuration
  • Maintenance: testing, patching
  • Disposal: destruction of code and hardware

ALM Tools

Application Lifecycle Management tools offer governance, development, and operations functions. They have several important features that increase the security of the software lifecycle, including an encrypted code repository that holds the source code in a secure environment and allows traceability, version tracking, and access auditing. The following NIST controls are mapped to the ALM features.

  • User account management should allow fine-grained user access to project portfolios, code repositories, and collaboration tools. This supports the required security controls of separation of duties and least privilege, and it minimizes data loss or corruption in the event of user credential theft or insider malfeasance (International Council of E-Commerce Consultants, 2010, pp. 387-388). The following NIST 800-53 controls are satisfied by this feature (NIST, 2014, pp. F-18-19).
AC-2 Account Management
AC-3 Access Enforcement
AC-4 Information Flow Enforcement
AC-5 Separation of Duties
AC-6 Least Privilege

  • It may allow the use of external Software Configuration Management (SCM) tools such as Git. This allows establishment of a baseline software configuration that assures a security level appropriate to the client's needs. The baseline provides a comparison point for future software changes and for patch management guidelines, so that security integrity is maintained as the software evolves over time (Menon, Sathyanathan, Abraham, Pahlajani, & Santhi, 2017, p. 3043). The following NIST 800-53 controls are satisfied by this feature through enforcement of strict configuration management (NIST, 2015, p. 23).
CM-2 Baseline Configuration
CM-3 Configuration Change Control
CM-4 Security Impact Analysis
CM-5 Access Restrictions for Change
CM-6 Configuration Settings
CM-7 Least Functionality
CM-8 Information System Component Inventory
CM-9 Configuration Management Plan
CM-10 Software Usage Restrictions
SA-10 Developer Configuration Management
SA-11 Developer Security Testing and Evaluation

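The baseline comparison described above, written as an added example that is not from the page or from any ALM product: it records a SHA-256 manifest of an approved source tree (the CM-2 reference point) and later reports additions, removals and modifications against it, which is the evidence a CM-3 change review needs. The sample tree, its files and the simulated post-approval changes are constructed here for illustration.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def hash_file(path: Path) -> str:
    """SHA-256 of a file, read in chunks so large artifacts are not loaded whole."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root: Path) -> dict:
    """Map each file under root (POSIX-style relative path) to its digest."""
    return {
        p.relative_to(root).as_posix(): hash_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def compare_to_baseline(root: Path, baseline: dict) -> dict:
    """Report drift from the approved baseline: added, removed and modified files."""
    current = build_baseline(root)
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in baseline if p in current and current[p] != baseline[p]),
    }


def demo() -> dict:
    """Constructed sample tree (hypothetical): approve a baseline, then simulate drift."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "src").mkdir()
        (root / "src" / "main.c").write_text("int main(void) { return 0; }\n")
        (root / "config.ini").write_text("debug=0\n")
        # Persist the approved baseline as JSON; this is the CM-2 reference point
        approved = json.dumps(build_baseline(root), sort_keys=True)
        # Unreviewed changes after approval: a setting flipped and an untracked file added
        (root / "config.ini").write_text("debug=1\n")
        (root / "src" / "untracked.c").write_text("/* not in the baseline */\n")
        return compare_to_baseline(root, json.loads(approved))
```

In practice the approved manifest would be stored outside the tree it describes (for example alongside a signed release tag), so that a change to the tree cannot silently update its own reference point.
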
  • Secure storage for the classified source code is vital. Strong encryption of the storage media protects the data from theft or alteration while at rest. Fine-grained access controls provide project partitioning of shared media and separation of collaboration channels. Reducing the data available to each user reduces the potential damage in the event of a security incident. Software testing staff must be prohibited from accessing source code as part of the security assessment process. Audit records and reports are available to the administrative staff and are a vital part of process oversight (Gomede et al., 2015). The following NIST 800-53 controls are satisfied (NIST, 2015, pp. F-20-21).
SC-2 Application Partitioning
SC-4 Information in Shared Resources
SC-12 Cryptographic Key Establishment and Management
SC-13 Cryptographic Protection
SC-15 Collaborative Computing Devices
SC-28 Protection of Information at Rest
SC-39 Process Isolation

There are several more features needed for developing secure, high-quality software packages by diverse engineering teams (Inflectra, 2018c, p. 2).

  • Team and task scheduling.
  • Project Management reporting and status information.
  • Resource Management for load balancing team efforts.
  • Bug Tracking for managing errors and defect remediation.
  • Manual or Automated testing.

References

Gomede, E., Da Silva, R. T., & de Barros, R. M. (2015). A practical approach to software continuous delivery focused on application lifecycle management. Paper presented at SEKE.

Inflectra. (2018a). How to choose an application lifecycle management suite (pp. 2).

International Council of E-Commerce Consultants. (2010). Ethical hacking and countermeasures. Clifton Park, NY: Course Technology, CENGAGE Learning.

Menon, V. R., Sathyanathan, S. T., Abraham, K. T., Pahlajani, J. S., & Santhi, H. (2017). Software configuration management techniques and principles.

NIST. (2008). NIST 800-60 Rev 1: Guide for mapping types of information and information systems to security categories (2 volumes) (pp. 53). National Institute of Standards and Technology.

NIST. (2014). NIST 800-53A r4: Guide for assessing the security controls in federal information systems and organizations, building effective security assessment plans.

NIST. (2015). NIST 800-53: Security and privacy controls for federal information systems and organizations (NIST Special Publication 800-53, pp. 462).