http://dx.doi.org/10.13089/JKIISC.2015.25.6.1541

Security Design for Information protection System using BSIMM  

Park, Jung-Sup (Korea Internet & Security Agency)
Abstract
In the recent IT industry, security has established itself as the factor that must be considered most in software development. It goes without saying that security is a critical factor in the development of information security products. In the evaluation of information security products, security is assured by the security architecture requirement (ADV_ARC). However, the absence of a systematic software security architecture process makes it difficult to guarantee security quality consistently, even when the products are evaluated based on the Common Criteria. In this paper, we propose a way to ensure consistent security quality by applying the software security framework in BSIMM.
Keywords
BSIMM; SSDL; Common Criteria
Times Cited By KSCI: 3