Abstract
The IT products like as firewall, IDS (Intrusion Detection System) and VPN (Virtual Private Network) which made to perform special functions related to security are used to supply security characteristics. But the method using these products may be not the perfect solution. Therefore, when making some kinds of software products, security-related requirements must be considered. It is essential that not only the customer’s requirements for software functionality should be satisfied but also the security requirements imposed on the software development should be effectively analyzed and implemented in contributing to the security objectives of customer’s requirements. The customer’s requirements must be implemented to software perfectly, but this is not sufficient. The secure software may be implemented by not only applying Firewall or IDS but also considering security requirement appended to customer’s requirement. In this paper, we propose a security engineering based approach considering security when developing software.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
ISO. ISO/IEC 21827 Information technology – Systems Security Engineering Capability Maturity Model (SSE-CMM)
ISO. ISO/IEC 15408-1:1999 Information technology - Security techniques – Evaluation criteria for IT security - Part 1: Introduction and general model
ISO. ISO/IEC 15408-2:1999 Information technology - Security techniques – Evaluation criteria for IT security - Part 2: Security functional requirements
ISO. ISO/IEC 15408-3:1999 Information technology - Security techniques – Evaluation criteria for IT security - Part 3: Security assurance requirements
Kim, T.-H., No, B.-G., Lee, D.-C.: Threat Description for the PP by Using the Concept of the Assets Protected by TOE. In: Sloot, P.M.A., Abramson, D., Bogdanov, A.V., Gorbachev, Y.E., Dongarra, J., Zomaya, A.Y. (eds.) ICCS 2003. LNCS, vol. 2660, pp. 605–613. Springer, Heidelberg (2003)
NSA, The Information Assurance Technical Framework (September 2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, Es., Hwang, Sm. (2004). Software Design Method Enhanced by Appended Security Requirements. In: Aizawa, K., Nakamura, Y., Satoh, S. (eds) Advances in Multimedia Information Processing - PCM 2004. PCM 2004. Lecture Notes in Computer Science, vol 3331. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30541-5_71
Download citation
DOI: https://doi.org/10.1007/978-3-540-30541-5_71
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23974-1
Online ISBN: 978-3-540-30541-5
eBook Packages: Computer ScienceComputer Science (R0)