Article

Evaluation of Security Lifecycle for the Quantitative Analysis

Authors:

Kim Young Jip,

Eun-Ser LeeAuthors Info & Claims

ICHIT '08: Proceedings of the 2008 International Conference on Convergence and Hybrid Information Technology

Pages 727 - 731

https://doi.org/10.1109/ICHIT.2008.212

Published: 28 August 2008 Publication History

Publisher Site

Abstract

This paper is intended to evaluate security lifecycle and efficiency in ISO/IEC 15408, Common Criteria. There are many risk items that cause the security requirement problems during software development. This paper evaluates the efficiency of security lifecycle that detection of new risk items and remove ratio at the security requirement lifecycle. For the similar domain projects, we can remove security risk items and manage to progress them by using security lifecycle, which can greatly improve the software process.

Evaluation of Security Lifecycle for the Quantitative Analysis
1. Social and professional topics
  1. Professional topics
    1. Management of computing and information systems

Recommendations

Security engineering risk analysis (SERA)
SER&IP '16: Proceedings of the 3rd International Workshop on Software Engineering Research and Industrial Practice

In this presentation, I describe how the SEI's Security Engineering Risk Analysis (SERA) method provides a structure that connects desired system functionality with the underlying software to evaluate the sufficiency of requirements for software ...
Security Maturity Self-Assessment Framework for Software Development Lifecycle
ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security

Vulnerable software often originates from insufficient attention to security in the software development lifecycle. However, current maturity models provide limited support for the teams to assess the security maturity of their software development ...
Implementing information security best practices on software lifecycle processes

The ISO/IEC 15504 international standard can be aligned with the ISO/IEC 27000 information security management framework. During the research conducted all the existing relations between ISO/IEC 15504-5 software development base practices and ISO/IEC ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ICHIT '08: Proceedings of the 2008 International Conference on Convergence and Hybrid Information Technology

August 2008

834 pages

ISBN:9780769533285

Publisher

IEEE Computer Society

United States

Publication History

Published: 28 August 2008

Author Tags

Qualifiers

Article

Recommendations

Security engineering risk analysis (SERA)

Security Maturity Self-Assessment Framework for Software Development Lifecycle

Implementing information security best practices on software lifecycle processes

Comments

Published In

Publisher

Publication History

Author Tags

Qualifiers

Other Metrics

Article Metrics

Other Metrics

Abstract

Recommendations

Security engineering risk analysis (SERA)

Security Maturity Self-Assessment Framework for Software Development Lifecycle

Implementing information security best practices on software lifecycle processes

Comments

Information

Published In

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations