Driving Secure Software Initiatives Using FISMA: Issues and Opportunities
Authors
Abstract
Federal agencies install many security controls for Federal Information Security Management Act (FISMA) implementation. National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 revision 4 (rev4) standardizes these security and privacy controls. This article presents a study of NIST SP 800-53 security controls. The purpose is to classify the security controls from dimensions relevant to software security. This classification highlights issues and motivates opportunities to drive software security initiatives using FISMA.
Similar resources
FiSMA current activities in IT standardisation
from the paper: Software process improvement (SPI) has had its roots primarily in software engineering; nowadays this approach has grown and covers management of software companies. SPI is widely used in software companies to improve quality, stakeholders' satisfactions, reduce time-to-market, and introduce cost savings within the company. The current literature widely reports certain critical s...
Designing software to estimate the relative interference between multiple tasks and determine its validity
The most commonly used empirical approach to address issues of attention constraint is to evaluate the degree of interference in dual or multiple tasks. The purpose of this study was designing software to estimate the relative interference between multiple tasks and determine its validity in performance prediction of simultaneous multiple tasks. In order to assess the validity of software, 46 stud...
Using Lean Principles to Improve Software Development Practices in a Large-Scale Software Intensive Company
Lean software development is the result of adapting lean principles from the manufacturing context to the software development domain. Recently, the various applications of lean software development have been studied but more empirical evidence is needed, especially from the practitioners’ point of view. Firstly, this thesis provides answers for the understanding of lean software development fr...
LEARNER INITIATIVES ACROSS QUESTION-ANSWER SEQUENCES: A CONVERSATION ANALYTIC ACCOUNT OF LANGUAGE CLASSROOM DISCOURSE
This paper investigates learner-initiated responses to English language teachers’ referential questions and learner initiatives after teachers’ feedback moves in meaning-focused question-answer sequences to analyze how interactional practices of language teachers, their initiation and feedback moves, facilitate learner initiatives. Classroom discourse research has largely neglected learner init...
Two Nationally Sponsored Initiatives for Disseminating Assurance Knowledge
Education in software assurance is an essential element in the effort to produce secure code. This paper describes two efforts that support national cybersecurity education goals: development of software assurance learning artifacts that can be integrated into conventional learning environments and development of a master of software assurance reference curriculum. SOFTWARE DEFENSE APPLICATION ...