Browse > Article
http://dx.doi.org/10.9708/jksci.2014.19.10.117

Case Analysis of Legal System and Regulations according to the Needs of S/W Development Security  

Shin, Seong-Yoon (Dept. of Computer Information Engineering, Kunsan National University)
Jeong, Kil-Hyun (Dept. of Internet Communication, Jangan University)
Publication Information
Journal of the Korea Society of Computer and Information / v.19, no.10, 2014 , pp. 117-124 More about this Journal
Abstract
Software Development Security is defined as a sequential procedure such as deleting potential security vulnerability for secure software development, designing or implementing various functions with considering security, and so on. In this paper, we research on domestic or international hacking cases that could damage us mentally or financially. Seventy five percent of Web-site attacks abuses weak points of application programs, or software. We also research on major issues related to software development security with these demerits. And then, we propose public and private laws, regulations, or systems and give some examples with detailed descriptions.
Keywords
S/W Development Security; Security Vulnerability; Hacking Cases; Web-Site Attack;
Citations & Related Records
Times Cited By KSCI : 3  (Citation Analysis)
연도 인용수 순위
1 P. E. Black, M. Kass, M. Koo, and E. Fong, "Source code security analysis tool functional specification version 1.1," NIST Special Publication 500-268, Feb. 2011.
2 Lee, Hanwook, Shin, Hyu Keun, "A Study of The Robust User Authentication Methods for Memory Hacking Attacks," KIISC review, VOL. 23, NO. 6, pp. 67-75, 2013
3 Choi. June Sung, Kim. Woo Je, Park. Won Hyung, Kook. Kwang Ho, "Defense SW Secure Coding Application Method for Cyberwarfare Focused on the Warfare System Embedded SW Application Level," Journal of the Korean Association of Defense Industry Studies, Vol. 19, No. 2, pp.90-103, 2012
4 Jiho Bang, Rhan Ha, "Evaluation Methodology of Diagnostic Tool for Security Weakness of e-GOV Software," The Journal of Korea Information and Communications Society," Vol. 38C, No. 4, pp. 335-343, 2013. 4   과학기술학회마을   DOI   ScienceOn
5 MOPAS, "Guidelines on building and operating Information Systems," MOPAS Notification No.2012-25, June 2012
6 G. McGraw and B. Potter, "Software Security Testing," IEEE Security and Privacy, Vol.2, pp.81-85, Sep. 2004.
7 Seong-Yoon Shin, Dai-Hyun Jang, Hyeong-Jin Kim, "A Study on Security Measure of Step-Wise Project," Journal of the Korea Institute of Information and Communication Engineering, Vol. 18, No. 4, pp. 771-778, Apr. 2012
8 Won-Hee Nam, Dea-Woo Park, "A Study on Cloud Network and Security System Analysis for Enhanced Security of Legislative Authority," The Journal of the Korean Institute of Information and Communication Engineering, Vol. 15, No. 6, pp. 1320-1326, 2011. 6   과학기술학회마을   DOI   ScienceOn
9 G. McGraw, "Software assurance for security," IEEE Computer, vol. 32, pp. 103-105, Apr. 1999.   DOI   ScienceOn
10 B. Arkin, S. Stender and G. McGraw,"Software penetration testing," IEEE Security & Privacy, vol.3, pp. 84-87, Jan.2005.
11 D.P. Gilliam, T.L. Wolfe, J.S. Sherif and M. Bishop, "Software Security Checklist for the Software Life Cycle," Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, pp. 243,Jun. 2003.
12 http://certlys82.tistory.com/57