As web applications are a type of software for providing web services, its development and operation essentially depend on a software development life cycle (SDLC). However, because it is difficult to ensure the safety in web applications by outsourcing that evade the management based on SDLC, there is a high possibility of using it as a path of cyber attacks. Thus, in this study a web application acquisition procedure for outsourcing that can provide safe web services by strengthening security and makes possible to efficiently manage software by outsourcing from the plan for web applications by outsourcing to its disposal is proposed. The proposed method extends a procedure on security viewpoint that web applications by outsourcing and simply tests whether or not there exists a possibility of hacking in a security perspective. Also, it shows an advantage of providing more safe web services through preparing new threats in web applications without exposing internal service system structures.

• 出版日期2017-5