Integrating Software Lifecycle Process Standards with Security Engineering

Integrating Software Lifecycle Process Standards with Security Engineering

Since the advent and astronomical rise of the Internet and E-business, organizations must secure their computer systems or risk malicious attacks. While there have been several software lifecycle process standards (SLPS) for both military and industrial software development, their activities and del...

Full description

Saved in:
Bibliographic Details
Published in:Computers & security 2002-01, Vol.21 (4), p.345-355
Main Authors: Lee, Younghwa, Lee, Jintae, Lee, Zoonky
Format: Article
Language:eng
Subjects:
Computer Security
IEEE/EIA 12207
Information systems
Integrated software
Life cycles
Security Engineering
Software Lifecycle Process Standard
Studies
Systems development
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Since the advent and astronomical rise of the Internet and E-business, organizations must secure their computer systems or risk malicious attacks. While there have been several software lifecycle process standards (SLPS) for both military and industrial software development, their activities and deliverables are not yet integrated with security engineering (SE) activities. This lack of integration has created conflicts among the system development stakeholders (e.g. system acquirers and developers) during secure information systems development projects. This paper proposes an integration model that interweaves all the process activities and deliverables of SLPS with SE activities, taking IEEE/EIA 12207 as an example of SLPS. This model provides practical guidelines for the development of secure information systems while informing stakeholders how SLPS is related to the SE activities.
ISSN:0167-4048
1872-6208