Threat description for the PP by using the concept of the assets protected by TOE
ICCS'03 Proceedings of the 2003 international conference on Computational science
Metrics design for software process assessment based on ISO/IEC 15504
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part IV
Hi-index | 0.00 |
The IT products like as firewall, IDS (Intrusion Detection System) and VPN (Virtual Private Network) which made to perform special functions related to security are used to supply security characteristics. But the method using these products may be not the perfect solution. Therefore, when making some kinds of software products, security-related requirements must be considered. It is essential that not only the customer’s requirements for software functionality should be satisfied but also the security requirements imposed on the software development should be effectively analyzed and implemented in contributing to the security objectives of customer’s requirements. The customer’s requirements must be implemented to software perfectly, but this is not sufficient. The secure software may be implemented by not only applying Firewall or IDS but also considering security requirement appended to customer’s requirement. In this paper, we propose a security engineering based approach considering security when developing software.