Automated Tracing and Integration of Security Functionality via Requirements Taxonomies, Annotations and Aspects

Automated Tracing and Integration of Security Functionality via Requirements Taxonomies, Annotations and Aspects

The investigation we describe here was motivated by our concerns relating to the time and expense of conducting such security evaluations for software intensive systems. Based on interviews we conducted with Common Criteria Laboratories (2006), we found that product evaluation times typically run in...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Llanso, T., Barrett, G.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Computer industry
Conferences
Costs
Information security
Laboratories
Physics
System testing
Taxonomy
US Department of Defense
USA Councils
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The investigation we describe here was motivated by our concerns relating to the time and expense of conducting such security evaluations for software intensive systems. Based on interviews we conducted with Common Criteria Laboratories (2006), we found that product evaluation times typically run in excess of 12 months and have starting costs that can easily exceed US100,000. These figures are for initial evaluations. As software products change and evolve over time, new versions of such products are subject to re-evaluation, bringing additional time and expense.
DOI:10.1109/IAW.2007.381955