Towards an Approach for Security Risk Analysis in COTS Based Development
نویسندگان
چکیده
More and more companies tend to use secure products as COTS to develop their secure systems due to resource limitations. The security concerns add more complexity as well as potential risks to COTS selection process, and it is always a great challenge for developers to make the selection decisions. In this paper, we provide a method for security risk analysis in COTS based development (CBD) based on Common Criteria and our previous work in identifying general risk items for CBD. The research result provides useful insights for developers in identifying security risks, so that it can be used to aid for the COTS selection decision.
منابع مشابه
Mapping of McGraw Cycle to RUP Methodology for Secure Software Developing
Designing a secure software is one of the major phases in developing a robust software. The McGraw life cycle, as one of the well-known software security development approaches, implements different touch points as a collection of software security practices. Each touch point includes explicit instructions for applying security in terms of design, coding, measurement, and maintenance of softwar...
متن کاملCommunity-Based disaster risk Management towards Sustainable Development
Background and Purpose:With the rise of natural disasters, different societies have continually sought to discover solutions to control or minimize the damage caused by unexpected events and to actually manage disasters. In the past few decades, the need for social participation to reduce disasters has increased. The community-based disaster risk management framework is growing. Therefore, thi...
متن کاملA Common Criteria Based Approach for COTS Component Selection
Component-based software engineering (CBSE) endeavors to enable software developers to develop quality software systems with less time and resources than traditional development approaches. Software components must be identified and evaluated in order to determine if they provide required functionality for systems being developed. Consideration of security requirements for component selection i...
متن کاملIdentification of Key Factors Influencing Tourism Development with Foresight Approach (Case study: Yazd province)
The present study, with a futuristic approach, identifies the most important factors affecting the future status of sustainable tourism in Yazd province and examines the extent and manner of these factors on each other. This research was applied in terms of its purpose and in terms of a combination of documentary and survey methods, and in terms of its nature, based on new methods of futuristic...
متن کاملA dynamic risk analysis on new product development process
Abstract In the dynamic and competitive market, managers seek to find effective strategies for new products development. Since There has not been a thorough research in this field, this study is based on a review on the risks exist in the NPD process and an analysis of risks through FMEA approach to prioritize the existent risks and a modeling behavior of the NPD process and main risks using s...
متن کامل