Secure software development lifecycle which supplements security weakness for CC certification
- Authors
- 김종배; Lee, M.-G.; Sohn, H.-J.; Seong, B.-M.
- Issue Date
- Jan-2016
- Publisher
- International Information Institute Ltd.
- Keywords
- Common Criteria; Common Weakness Enumeration; SSDLC; Weakness
- Citation
- Information (Japan), v.19, no.1, pp.297 - 302
- Journal Title
- Information (Japan)
- Volume
- 19
- Number
- 1
- Start Page
- 297
- End Page
- 302
- URI
- http://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/5623
- ISSN
- 1343-4500
- Abstract
- The products delivered to governments and public authorities are required to obtain a certain EAL (Evaluation Assurance Level) after receiving a CC certification. Most of the SMEs that develop software usually don't take measures to systematically eliminate security weaknesses. That is why the development is terminated from phase of early development without consideration of the security and developers take charge of testing and manage security weaknesses while dedicated to unit testing and black box testing. In addition, due to the issue of cost, it doesn't have separate CC certification experts. In this paper, accordingly, we propose Secure Software Development Life Cycle (SSDLC) that can mitigate security weaknesses for CC certification which can be a guideline for developers from early phases of development by considering this situation. © 2016 International Information Institute.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - Graduate School of Software > Major in Software > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.