ABSTRACT

This chapter aims to identify a good Security Development Lifecycle that implements security as a functional requirement, and to apply it to the development of a web application to make it secure against common software vulnerabilities. Development teams usually do threat modeling, with project managers, developers, and testing teams addressing primary security analysis tasks during the design phase. The chapter starts with the requirements phase, in which functional and security requirements were defined using misuse cases. The design phase consisted of wireframes of the application, security architecture, threat models, user interaction areas, and application access points. In the work described in this chapter, the application requires user authentication using a unique identifier, in this case a student ID number. Security in the computing world has gained importance, and research on security has become more urgent as the number of security threats grows.