Abstract
Information and Communications Technology is becoming synonymous with the survival and sustenance of human race in social, economic, political and military terms. As a result of this the security of ICT is becoming a serious global concern. USA alone looses about $38B in security lapses and tracking of virus incidents alone runs into the range of $80B per year worldwide. These losses are incurred despite an estimated security market size of $36B expected by the year 2007-08. There are no foolproof solutions in sight.
Software is the lynchpin of information systems. However software is prone to suffer disability, damage, denial, disruption or destruction in information systems. Thus insecure software is the single most serious security concern being faced by the society. The new focus across the global ICT community is therefore to eliminate threats and vulnerabilities to software by removing the root causes of its weaknesses by revisiting the life cycle approach to software engineering, whereby security is built into each stage rather than bolting it down as an after thought. The secure software is a demand of every customer. Efforts are underway in many countries to answer the call for this demand.
In this talk I will present how ICT security is emerging a 21 century global nightmare, the new global vision of ICT security, where the world is moving to in the context of cyber security, why and how software is the weakest building block in ICT security journey, how the development of secure or trustworthy software can address majority of the cyber security concerns, what are the challenges of developing secure or trustworthy software, why a global initiative and collaboration is necessary, why should India position itself to be the secure or trustworthy software power house, what will it take India to create secure software development capability, what is India’s value proposition in terms of education, emerging R&D base, quality, manpower etc. to succeed in secure software initiative, how to mobilize India to develop secure software development capability. The analysis presented to build a case for India will cover protection of Information Age Infrastructures as immediate national necessity, standards driven security framework for National Information Infrastructures, life cycle approach to secure software development and outlines of a blue print for India to develop into a secure software development destination.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Report, Processes to Produce Secure Software, Volume I, Home Land Security, USA, Task Force on Security Across the Software Development lifecycle (March 2004)
Report, Cyber Security for Home Land US House of Representatives Select Committee on Home Land Security (December 2004)
Software 2015: A National Software Strategy to Ensure U.S. Security and Competitiveness www.cnsoftware.org/nss2report/NSS2FinalReport04-29-05PDF.pdf
Full Report: Security Across the Software Development Life Cycle, http://www.cyberpartnership.org/init-soft.html
Cyber Security: A Crisis of Prioritization, A report by the President’s Information Technology Advisory Committee, (February 2005), http://www.nitrd.gov/pitac/reports/20050301_cybersecurity/cybersecurity.pdf
Security and Dependability R&D for Europe, Overview of Security Task Force Initiatives (2005)
Report, Security and Application Development Process, Robert Frances Group
Report, The Trustworthy Computing Security Development Lifecycle, Steve Lipner & Michael Howard, Microsoft (March 2005)
Report, Microsoft’s Security Development Lifecycle (May 2005)
Report, Russia Security Software Forecast and Analysis - 2002-07 (December 2003)
Report, China - Shape of he Software Industry and Information Security Services (2005)
IT Security and Operational Management Must Converge (G00124711) - Nicolett, Girard.pdf (November 2004)
How to Develop an Effective Vulnerability Management Process (G00124126) - Nicolett.pdf (March 2005)
Report, Security and Survivability Resourcing Frameworks and Architectural Design Tactics, CMU / SEI - 2004 - TN022
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chand, P. (2005). Building India as the Destination for Secure Software Development – Next Wave of Opportunities for the ICT Industry. In: Jajodia, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2005. Lecture Notes in Computer Science, vol 3803. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11593980_4
Download citation
DOI: https://doi.org/10.1007/11593980_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30706-8
Online ISBN: 978-3-540-32422-5
eBook Packages: Computer ScienceComputer Science (R0)