Design of Reference Model for Improvement of Security Process
This paper proposes a maturity model for the security process. Many risk items cause security requirement problems during software development. This paper evaluates the efficiency of the security lifecycle in terms of the detection of new risk items and their removal ratio in the security requirement lifecycle. For projects in similar domains, we can remove security risk items and manage their progress by using the security lifecycle, which can greatly improve the software process.
Keywords: Security process; Process improvement; Maturity model