Design of Reference Model for Improvement of Security Process

Lee, Eun-Ser

doi:10.1007/978-3-642-24106-2_49

Design of Reference Model for Improvement of Security Process

Eun-Ser Lee⁴

Conference paper

1715 Accesses

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 206))

Abstract

This paper is intended to proposal maturity model of security process. There are many risk items that cause the security requirement problems during software development. This paper evaluates the efficiency of security lifecycle that detection of new risk items and remove ratio at the security requirement lifecycle. For the similar domain projects, we can remove security risk items and manage to progress them by using security lifecycle, which can greatly improve the software process.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Garfinkel, S., Spafford, G.: Web security, Privacy and commerce. O’Reilly & Associates, Sebastopol (2002)
Google Scholar
ISO. ISO/IEC 15408-2:1999 Information technology - Security techniques - Evaluation criteria for IT security - Part 2: Security functional requirements
Google Scholar
ISO. ISO/IEC 15408-3:1999 Information technology - Security techniques - Evaluation criteria for IT security - Part 3: Security assurance requirements
Google Scholar
ISO/IEC Guide 65—General Requirements for Bodies Operating Product Certification Systems (1996)
Google Scholar
Pressman, R.S.: A practice’s approach, 6th edn (2005)
Google Scholar
Lee, E.-s., Lee, K.W., Kim, T.-h., Jung, I.-H.: Introduction and evaluation of development system security process of ISO/IEC TR 15504. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds.) ICCSA 2004. LNCS, vol. 3043, pp. 451–460. Springer, Heidelberg (2004)
Chapter Google Scholar
Software Process Improvement Forum, KASPA SPI-7 (December 2002)
Google Scholar
Dunn, R.H.: Software defect removal. McGraw-Hill, New York (1984)
Google Scholar
Fenton, N., Ohlsson, N.: Quantitative analysis of faults and failures in a complex software system. IEEE Trans. Software Eng. 26, 797–814 (2000)
Article Google Scholar
Lee, E., Lee, K.W., Lee, K.: Development Design Defect Trigger for Software Process Improvement. In: Ramamoorthy, C.V., Lee, R., Lee, K.W. (eds.) SERA 2003. LNCS, vol. 3026, pp. 185–208. Springer, Heidelberg (2004)
Chapter Google Scholar

Download references

Author information

Authors and Affiliations

Computer Engineering, Andong National University, 388 Songcheon-dong, Andong-city, Gyeongsangbuk-do, 760-749, South Korea
Eun-Ser Lee

Authors

Eun-Ser Lee
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

90301, 3F, Computer Engineering Department, Hannam University, 70 Hannamro, Daedeuk-gu, Daejeon, Korea
Geuk Lee
QinetiQ Company Fellow, Howard Science Limited, 24 Sunrise, WR14 2NJ, Malvern, United Kingdom
Daniel Howard
Institute of Mathematics, University of Warsaw, ul. Banacha 2, 02-097, Warsaw, Poland
Dominik Ślęzak

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Lee, ES. (2011). Design of Reference Model for Improvement of Security Process. In: Lee, G., Howard, D., Ślęzak, D. (eds) Convergence and Hybrid Information Technology. ICHIT 2011. Communications in Computer and Information Science, vol 206. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24106-2_49

Download citation

DOI: https://doi.org/10.1007/978-3-642-24106-2_49
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24105-5
Online ISBN: 978-3-642-24106-2
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics