Abstract
This paper proposes a maturity model for the security process. Many risk items cause security requirement problems during software development. The paper evaluates the efficiency of the security lifecycle in terms of the detection of new risk items and their removal ratio within the security requirement lifecycle. For projects in a similar domain, the security lifecycle lets us remove security risk items and manage their progress, which can greatly improve the software process.
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, ES. (2011). Design of Reference Model for Improvement of Security Process. In: Lee, G., Howard, D., Ślęzak, D. (eds) Convergence and Hybrid Information Technology. ICHIT 2011. Communications in Computer and Information Science, vol 206. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24106-2_49
DOI: https://doi.org/10.1007/978-3-642-24106-2_49
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24105-5
Online ISBN: 978-3-642-24106-2
eBook Packages: Computer Science (R0)