Security Design for Information protection System using BSIMM
 Title & Authors
Park, Jung-Sup;
 Abstract
In the recent IT industry, security has established itself as the factor to be considered the most in software development. It goes without saying that security is the critical factor in the development of information security products. In the evaluation of information security products, security is assured by the security architecture requirement (ADV_ARC). However, the absence of a systematic software security architecture process makes it difficult to guarantee security quality consistently, even though the products are evaluated based on the Common Criteria. In this paper, we propose a way to ensure consistent security quality by applying the software security framework in BSIMM.
 Keywords
BSIMM;SSDL;Common Criteria;
 Language
Korean