Secure Design and Development of Applications in the Cloud and Mobile Ecosystem
Sequeiros, J.
;
Chimuco, F.
;
Simões, Tiago M. C.
;
Freire, M.
;
Inácio , P. R. M. I.
Secure Design and Development of Applications in the Cloud and Mobile Ecosystem, Proc Inforum - Simpósio de Informática, Porto, Portugal, Vol. , pp. - , September, 2023.
Digital Object Identifier:
Download Full text PDF ( 318 KBs)
Abstract
We have been witnessing widespread adoption of mobile devices and applications. However, this has not been accompanied by the adoption of good practices in secure development, and there is a considerable gap between software engineering and security engineering. This paper presents a framework, named Security by Design for Cloud and Mobile Ecosystem (SecD4CLOUDMOBILE), which was created to assist developers of Cloud-based mobile applications by providing technical guidance, especially for non-security experts, to ensure security and privacy by design. It is a set of tools that allows answering questions commonly asked by software engineers during the process of software development. ChatGPT was integrated into the methods responsible for generating a set of systematized and complete documents, in response to user requests. It is composed of five main modules. The preliminary validation of the tools consisted of the selection of two real use cases, which were applied to the CSRE and CSBPG tools. The results between chatGTP and the platform are similar, which means that there is agreement on the results that should be given to the user.