Security by Design

design, OWASP, security, web application


  • Elena-Denisa STROE (Primary Contact)
    Faculty of Electronics, Telecommunications and Information Technology, University POLITEHNICA of Bucharest, Romania


Security is an area that spans multiple technical disciplines, must be focused on customers, and aims to protect against different threats. The disciplines that can be part of security include assurance, anti-tamper, information assurance and cybersecurity. Security must be taken into consideration throughout the entire product lifecycle in order to maximize the protection of a system. The purpose of this article is to highlight design security flaws, which should always be considered as part of the design flow for an application or a product. The recommendations can be applied in combination with different methodologies, depending on what the company chooses to use, whether it is Agile or Waterfall. The principle of security by design is addressed within the article.