{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,17]],"date-time":"2025-11-17T02:05:21Z","timestamp":1763345121986,"version":"3.45.0"},"reference-count":49,"publisher":"Tech Science Press","issue":"1","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["CMC"],"published-print":{"date-parts":[[2025]]},"DOI":"10.32604\/cmc.2025.067127","type":"journal-article","created":{"date-parts":[[2025,8,6]],"date-time":"2025-08-06T08:21:37Z","timestamp":1754468497000},"page":"1807-1858","source":"Crossref","is-referenced-by-count":0,"title":["Secure Development Methodology for Full Stack Web Applications: Proof of the Methodology Applied to Vue.js, Spring Boot and MySQL"],"prefix":"10.32604","volume":"85","author":[{"given":"Kevin Santiago Rey","family":"Rodriguez","sequence":"first","affiliation":[]},{"given":"Juli\u00e1n David Avellaneda","family":"Galindo","sequence":"additional","affiliation":[]},{"given":"Josep T\u00e1rrega","family":"Juan","sequence":"additional","affiliation":[]},{"given":"Juan Ram\u00f3n","family":"Bermejo Higuera","sequence":"additional","affiliation":[]},{"given":"Javier","family":"Bermejo Higuera","sequence":"additional","affiliation":[]},{"given":"Juan Antonio Sicilia","family":"Montalvo","sequence":"additional","affiliation":[]}],"member":"17807","published-online":{"date-parts":[[2025]]},"reference":[{"key":"ref1","doi-asserted-by":"crossref","first-page":"7","DOI":"10.61992\/jiem.v6i1.57","article-title":"Cybersecurity challenges in the era of digital transformation a comprehensive analysis of information systems","volume":"6","author":"Ahmad","year":"2024","journal-title":"JIEM"},{"key":"ref2","unstructured":"Perera Y. Enhancing the front end web applications performance using design patterns and microservices based architecture [bachelor\u2019s thesis]. Kelaniya, Sri Lanka: University of Kelaniya; 2023. doi:10.13140\/RG.2.2.36067.53286."},{"key":"ref3","doi-asserted-by":"crossref","first-page":"31","DOI":"10.30564\/jcsr.v4i2.4048","article-title":"Optimization of secure coding practices in SDLC as part of cybersecurity framework","volume":"4","author":"Jakimoski","year":"2022","journal-title":"J Comput Sci Res"},{"key":"ref4","first-page":"1","article-title":"Requirements risk management for continuous development: organisational needs","volume":"28","author":"Kainulainen","year":"2024","journal-title":"Australas J Inf Syst"},{"key":"ref5","doi-asserted-by":"crossref","first-page":"221","DOI":"10.1016\/j.cose.2011.12.001","article-title":"Unrealistic optimism on information security management","volume":"31","author":"Rhee","year":"2012","journal-title":"Comput Secur"},{"key":"ref6","first-page":"417","article-title":"Analysis of cybersecurity standard and framework components","volume":"12","author":"Syafrizal","year":"2020","journal-title":"Int J Commun Netw Inf Secur"},{"key":"ref7","doi-asserted-by":"crossref","first-page":"450","DOI":"10.3390\/software1040019","article-title":"Security requirements prioritization techniques: a survey and classification framework","volume":"1","author":"Khanneh","year":"2022","journal-title":"Software"},{"key":"ref8","series-title":"Proceedings of the 10th ACM\/IEEE International Symposium on Empirical Software Engineering and Measurement; 2016 Sep 8\u20139","first-page":"1","article-title":"Static analysis and penetration testing from the perspective of maintenance teams","author":"Ceccato"},{"key":"ref9","unstructured":"Kudriavtseva A, Gadyatskaya O. Secure software development methodologies: a multivocal literature review. arXiv:2211.16987. 2022. doi:10.48550\/arxiv.2211.16987."},{"key":"ref10","first-page":"2320","article-title":"Secure software development practices for mitigating cyber vulnerabilities in enterprise applications","volume":"12","author":"Dopamu","year":"2024","journal-title":"Int J Creat Res Thoughts"},{"key":"ref11","first-page":"2330","article-title":"Threat modeling in web application security: a forward-thinking to secure software development","volume":"3","author":"Phanireddy","year":"2025","journal-title":"SSRN J"},{"key":"ref12","doi-asserted-by":"crossref","first-page":"1","DOI":"10.47604\/ijts.2268","article-title":"Enhancing software quality through early-phase of software verification and validation techniques","volume":"8","author":"Alphonce","year":"2024","journal-title":"Int J Technol Syst"},{"key":"ref13","unstructured":"Torredimare A. Extension of an enterprise web application for top-management reporting: a modular approach to web application development [master\u2019s thesis]. Turin, Italy: Politecnico di Torino; 2024 [cited 2025 Jul 11]. Available from: https:\/\/webthesis.biblio.polito.it\/secure\/33954\/1\/tesi.pdf."},{"key":"ref14","unstructured":"Sul\u00edr M, Porub\u00e4n J, Chodarev S. Local software buildability across Java versions (registered report). arXiv:2408.11544. 2024. doi:10.48550\/arxiv.2408.11544."},{"key":"ref15","doi-asserted-by":"crossref","first-page":"1060","DOI":"10.32996\/jcsts.2025.7.4.120","article-title":"Integration of Zuora billing system in microservices architecture: a spring boot implementation","volume":"7","author":"Suroju","year":"2025","journal-title":"J Comput Sci Technol Stud"},{"key":"ref16","doi-asserted-by":"crossref","first-page":"149","DOI":"10.1007\/978-981-99-7817-5_12","author":"Rajput","year":"2024","journal-title":"Data science and applications"},{"key":"ref17","series-title":"Proceedings of the 2023 3rd International Symposium on Computer Technology and Information Science (ISCTIS)","first-page":"819","article-title":"Practice and application of Wiki open source document platform based on VUE","author":"Liu","year":"2023 Jul 7\u20139"},{"key":"ref18","doi-asserted-by":"crossref","DOI":"10.2139\/ssrn.1529803","article-title":"Security challenges of modern web applications","author":"Sireteanu","year":"2009","journal-title":"SSRN J"},{"key":"ref19","unstructured":"Smith D. An exploration of the capability of a relational database management system to encompass business and persistence capabilities within architecturally layered software. Milton Keynes, UK: Open university; 2023 [cited 2025 Jul 12]. Available from: https:\/\/oro.open.ac.uk\/94299\/1\/SMITH_T847_VOR.pdf."},{"key":"ref20","series-title":"Proceedings of the 2023 International Conference on Distributed Computing and Electrical Circuits and Electronics (ICDCECE); 2023 Apr 29\u201330","first-page":"1","article-title":"An innovative solution for data persistence problem in reliable data transmission","author":"Sharma"},{"key":"ref21","article-title":"Software bugs: detection, analysis and fixing","author":"Bello","year":"2024 [cited 2025 Jul 9]","journal-title":"SSRN J [Internet]"},{"key":"ref22","first-page":"63","article-title":"Tackling the digitalization challenge: how to benefit from digitalization in practice","volume":"5","author":"Parviainen","year":"2017","journal-title":"Int J Inf Syst Proj Manag"},{"key":"ref23","series-title":"Proceedings of the ICCWS 2023 18th International Conference on Cyber Warfare and Security; 2023 Mar 8\u20139","first-page":"337","article-title":"Cybersecurity in digital transformation applications: analysis of past research and future directions","author":"Haleem"},{"article-title":"The concept of digitalization and its impact on the modern economy","series-title":"Proceedings of the International Scientific Conference Far East Con (ISCFEC 2020); 2020 Oct 6\u20139","author":"Mentsiev","key":"ref24"},{"key":"ref25","unstructured":"European Commission. A europe fit for the digital age [Internet]. 2024 [cited 2025 Jul 11]. Available from: https:\/\/commission.europa.eu\/strategy-and-policy\/priorities-2019-2024\/europe-fit-digital-age_en."},{"key":"ref26","doi-asserted-by":"crossref","first-page":"6666","DOI":"10.3390\/s23156666","article-title":"Digital transformation and cybersecurity challenges for businesses resilience: issues and recommendations","volume":"23","author":"Saeed","year":"2023","journal-title":"Sensors"},{"key":"ref27","doi-asserted-by":"crossref","unstructured":"Eekelen V, Pieterse M. Which are harder? Soft skills or hard skills? In: Proceedings of the Annual Conference of the Southern African Computer Lecturers\u2019 Association (SACLA 2016); 2016 Jul 5\u20136; Cullinan, South Africa. p. 160\u20137. doi:10.1007\/978-3-319-47680-3_15.","DOI":"10.1007\/978-3-319-47680-3_15"},{"key":"ref28","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-642-10294-3","author":"Mistr\u00edk","year":"2010","journal-title":"Collaborative software engineering"},{"key":"ref29","unstructured":"Bonsignour C.Jones O. The economics of software quality [Internet]. 2012 [cited 2025 Jul 11]. Available from: https:\/\/ptgmedia.pearsoncmg.com\/images\/9780132582209\/samplepages\/0132582201.pdf."},{"key":"ref30","doi-asserted-by":"crossref","first-page":"130","DOI":"10.1145\/1610252.1610286","article-title":"Why did your project fail?","volume":"52","author":"Cerpa","year":"2009","journal-title":"Commun ACM"},{"key":"ref31","doi-asserted-by":"crossref","first-page":"108","DOI":"10.3390\/asi6060108","article-title":"Simulating the software development lifecycle: the waterfall model","volume":"6","author":"Saravanos","year":"2023","journal-title":"Appl Syst Innov"},{"key":"ref32","first-page":"106","article-title":"A comparison between three SDLC models waterfall model, spiral model, and incremental\/iterative model","volume":"12","author":"Bahattab","year":"2015","journal-title":"Int J Comput Sci Issues"},{"key":"ref33","doi-asserted-by":"crossref","first-page":"278","DOI":"10.24052\/BMR\/V11NU01\/ART-29","article-title":"Challenges for organizational structure and design as a result of digitalization and cybersecurity","volume":"11","author":"Mo\u015fteanu","year":"2020","journal-title":"Bus Manag Rev"},{"key":"ref34","doi-asserted-by":"crossref","unstructured":"Manadhata PK, Tan KMC, Maxion JA, Jeannette MW. An approach to measuring a system\u2019s attack surface. Pittsburgh, PA, USA: Carnegie Mellon University; 2007 [cited 2025 Jul 11]. Available from: https:\/\/www.cs.cmu.edu\/~wing\/publications\/CMU-CS-07-146.pdf.","DOI":"10.21236\/ADA476977"},{"key":"ref35","first-page":"133","article-title":"The times of cyber attacks","volume":"13","author":"Singh","year":"2020","journal-title":"Acta Tech Corviniensis"},{"key":"ref36","unstructured":"Johnsson DB, Deogun D, Sawano D. Secure by design. New York, NY, USA: Manning Publications; 2019 [cited 2025 Jun 13]. Available from: https:\/\/www.manning.com\/books\/secure-by-design."},{"key":"ref37","first-page":"94","article-title":"A comparison between five models of software engineering","volume":"7","author":"Govardhan","year":"2010","journal-title":"Int J Comput Sci Issues"},{"key":"ref38","unstructured":"Olmsted A. Security-driven software development: learn to analyze and mitigate risks in your software projects. Birmingham, UK: Packt Publishing Ltd.; 2024 [cited 2025 Jul 10]. Available from: https:\/\/www.amazon.com\/Security-Driven-Software-Development-mitigate-software\/dp\/1835462839."},{"key":"ref39","series-title":"Proceedings of COMPASS \u201897: 12th Annual Conference on Computer Assurance; 1997 Jun 16\u201319","first-page":"117","article-title":"Testing for security during development: why we should scrap penetrate-and-patch","author":"McGraw"},{"key":"ref40","doi-asserted-by":"crossref","first-page":"80","DOI":"10.1109\/MSECP.2004.1281254","article-title":"Software security: a touchstone for reliability","volume":"2","author":"McGraw","year":"2004","journal-title":"IEEE Secur Priv"},{"article-title":"The trustworthy computing security development lifecycle","series-title":"Proceedings of the 20th Annual Computer Security Applications Conference; 2004 Dec 6\u201310","author":"Lipner","key":"ref41"},{"key":"ref42","doi-asserted-by":"crossref","first-page":"53","DOI":"10.30574\/wjarr.2023.18.3.0944","article-title":"Theory and practice in secure software development lifecycle: a comprehensive survey","volume":"18","author":"Otieno","year":"2023","journal-title":"World J Adv Res Rev"},{"journal-title":"Threat modeling: designing for security","year":"2014","author":"Shostack","key":"ref43"},{"key":"ref44","unstructured":"OWASP F. Software assurance maturity model (SAMM) (Version 2.0) [Internet]. 2020 [cited 2025 Jul 10]. Available from: https:\/\/owaspsamm.org."},{"key":"ref45","doi-asserted-by":"crossref","first-page":"327","DOI":"10.1007\/978-3-031-53227-6_23","author":"Baninemeh","year":"2024","journal-title":"Software business"},{"key":"ref46","unstructured":"Synopsys. BSIMM15: building security in maturity model (BSIMM) [Internet]. 2025 [cited 2025 Jul 10]. Available from: https:\/\/www.bsimm.com."},{"key":"ref47","article-title":"Secure software development life cycle: implementation challenges in small and medium enterprises (SMEs)","author":"Singh","year":"2025","journal-title":"Authorea"},{"key":"ref48","unstructured":"Hellquist E. Evaluating security for javascript-based frontend frameworks [master\u2019s thesis]. Ume\u00e5, Sweden: UME\u00c5 University; 2024 [cited 2025 Jul 10]. Available from: https:\/\/umu.diva-portal.org\/smash\/get\/diva2:1928741\/FULLTEXT01.pdf."},{"key":"ref49","unstructured":"Foundation TO. Software assurance maturity model. 2024 [cited 2025 Jul 10]. Available from: https:\/\/owasp.org\/www-project-samm\/."}],"container-title":["Computers, Materials &amp; Continua"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/cdn.techscience.cn\/files\/cmc\/2025\/TSP_CMC-85-1\/TSP_CMC_67127\/TSP_CMC_67127.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,17]],"date-time":"2025-11-17T02:01:23Z","timestamp":1763344883000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.techscience.com\/cmc\/v85n1\/63558"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"references-count":49,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2025]]},"published-print":{"date-parts":[[2025]]}},"URL":"https:\/\/doi.org\/10.32604\/cmc.2025.067127","relation":{},"ISSN":["1546-2226"],"issn-type":[{"type":"electronic","value":"1546-2226"}],"subject":[],"published":{"date-parts":[[2025]]}}}