Quality-Driven Business Policy Specification and Refinement for Service-Oriented Systems
ICSOC '08 Proceedings of the 6th International Conference on Service-Oriented Computing
Assessing information quality of e-learning systems: a web mining approach
Computers in Human Behavior
Addressing security compatibility for multi-tenant cloud services
International Journal of Computer Applications in Technology
| Hi-index | 0.00 |
The paper proposes an assessment scheme for the security properties of software components. The proposed scheme consists of three stages: (i) a system-specific security requirement specification of the enclosing application; (ii) a component-specific security rating; and (iii) an evaluation method for the scored security properties of the candidate component. The assessment scheme ultimately provides a numeric score indicating a relative strength of the security properties of the candidate component. The scheme is partially based on ISO/IEC 15408, the Common Criteria for Information Technology Security Evaluation (CC) and the Multi-Element Component Comparison and Analysis (MECCA) model. The scheme is flexible enough for software engineers to use in order to get a first-hand preliminary assessment of the security posture of candidate components.