LudoLab ConnectSys: Sistema informático para la gestión de eventos de formación y servicio a la comunidad del laboratorio Ludolab : Componente de seguridad.

Abstract

The present curricular integration work focuses on the development and assurance of the LudoLab ConnectSys application, a student management system intended to manage educational projects in the LudoLab laboratory of the Faculty of Systems. The application automates manual processes, improving efficiency and reducing administrative workload. The main focus of this work is security, covering submodules such as access and registration, user approval, authentication and authorization, password management, and auditing. The Kanban methodology, complemented by the Open Web Application Security Project Software Assurance Maturity Model (OWASP SAMM) framework, was used to integrate security practices throughout the software development lifecycle. In the planning phase, functional and non-functional requirements were documented, a risk analysis was performed, and security specifications were defined. In the design phase, database and system architecture diagrams were developed, detailing both the frontend developed in Blazor .NET 8 and the backend based on microservices with Web API .NET 8 and a SQL Server 2022 database. During implementation, the various submodules were developed and tested, ensuring that each component met the security requirements. The results demonstrate that the integration of Kanban and OWASP SAMM is effective in managing and improving security in software development, thus ensuring the protection of sensitive data and the integrity of the system.