Automated Tracing and Integration of Security Functionality via Requirements Taxonomies, Annotations and Aspects

Automated Tracing and Integration of Security Functionality via Requirements Taxonomies, Annotations and Aspects

The investigation we describe here was motivated by our concerns relating to the time and expense of conducting such security evaluations for software intensive systems. Based on interviews we conducted with Common Criteria Laboratories (2006), we found that product evaluation times typically run in...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Llanso, T., Barrett, G.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Computer industry
Conferences
Costs
Information security
Laboratories
Physics
System testing
Taxonomy
US Department of Defense
USA Councils
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 358
container_issue
container_start_page 357
container_title
container_volume
creator Llanso, T.
Barrett, G.
description The investigation we describe here was motivated by our concerns relating to the time and expense of conducting such security evaluations for software intensive systems. Based on interviews we conducted with Common Criteria Laboratories (2006), we found that product evaluation times typically run in excess of 12 months and have starting costs that can easily exceed US100,000. These figures are for initial evaluations. As software products change and evolve over time, new versions of such products are subject to re-evaluation, bringing additional time and expense.
doi_str_mv 10.1109/IAW.2007.381955
format Conference Proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_4267583</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>4267583</ieee_id><sourcerecordid>4267583</sourcerecordid><originalsourceid>FETCH-LOGICAL-i175t-f03ff773dff7f8c606922fc1421099b2775401c6dbed3e79677004225db8fc0b3</originalsourceid><addsrcrecordid>eNpFj01Lw0AYhFdEUGvPHrzsDzB1P7PJMRRbAwVBIx7LZvNuWWk2MbsR--9Nq-AcZpg5PDAI3VKyoJTkD2XxvmCEqAXPaC7lGbqmgglBORHi_L_w9BLNQ_ggk3guqVBXqC_G2LU6QoOrQRvnd1j7Bpc-wm7Q0XUedxa_ghkHFw94NXpzHPX-2L6cxi_wOboBWvAx4Ep_d75rHYR7XHjfxRMhnJBF6MHEcIMurN4HmP_lDL2tHqvlU7J5XpfLYpM4qmRMLOHWKsWbyW1mUpLmjFkzXZkO5zVTSgpCTdrU0HBQeaoUIYIx2dSZNaTmM3T3y3UAsO0H1-rhsBUsVTLj_AfYjFtT</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Automated Tracing and Integration of Security Functionality via Requirements Taxonomies, Annotations and Aspects</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Llanso, T. ; Barrett, G.</creator><creatorcontrib>Llanso, T. ; Barrett, G.</creatorcontrib><description>The investigation we describe here was motivated by our concerns relating to the time and expense of conducting such security evaluations for software intensive systems. Based on interviews we conducted with Common Criteria Laboratories (2006), we found that product evaluation times typically run in excess of 12 months and have starting costs that can easily exceed US100,000. These figures are for initial evaluations. As software products change and evolve over time, new versions of such products are subject to re-evaluation, bringing additional time and expense.</description><identifier>ISBN: 1424413036</identifier><identifier>ISBN: 9781424413034</identifier><identifier>EISBN: 1424413044</identifier><identifier>EISBN: 9781424413041</identifier><identifier>DOI: 10.1109/IAW.2007.381955</identifier><language>eng</language><publisher>IEEE</publisher><subject>Computer industry ; Conferences ; Costs ; Information security ; Laboratories ; Physics ; System testing ; Taxonomy ; US Department of Defense ; USA Councils</subject><ispartof>2007 IEEE SMC Information Assurance and Security Workshop, 2007, p.357-358</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/4267583$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,776,780,785,786,2052,27902,54895</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/4267583$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Llanso, T.</creatorcontrib><creatorcontrib>Barrett, G.</creatorcontrib><title>Automated Tracing and Integration of Security Functionality via Requirements Taxonomies, Annotations and Aspects</title><title>2007 IEEE SMC Information Assurance and Security Workshop</title><addtitle>IAW</addtitle><description>The investigation we describe here was motivated by our concerns relating to the time and expense of conducting such security evaluations for software intensive systems. Based on interviews we conducted with Common Criteria Laboratories (2006), we found that product evaluation times typically run in excess of 12 months and have starting costs that can easily exceed US100,000. These figures are for initial evaluations. As software products change and evolve over time, new versions of such products are subject to re-evaluation, bringing additional time and expense.</description><subject>Computer industry</subject><subject>Conferences</subject><subject>Costs</subject><subject>Information security</subject><subject>Laboratories</subject><subject>Physics</subject><subject>System testing</subject><subject>Taxonomy</subject><subject>US Department of Defense</subject><subject>USA Councils</subject><isbn>1424413036</isbn><isbn>9781424413034</isbn><isbn>1424413044</isbn><isbn>9781424413041</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2007</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNpFj01Lw0AYhFdEUGvPHrzsDzB1P7PJMRRbAwVBIx7LZvNuWWk2MbsR--9Nq-AcZpg5PDAI3VKyoJTkD2XxvmCEqAXPaC7lGbqmgglBORHi_L_w9BLNQ_ggk3guqVBXqC_G2LU6QoOrQRvnd1j7Bpc-wm7Q0XUedxa_ghkHFw94NXpzHPX-2L6cxi_wOboBWvAx4Ep_d75rHYR7XHjfxRMhnJBF6MHEcIMurN4HmP_lDL2tHqvlU7J5XpfLYpM4qmRMLOHWKsWbyW1mUpLmjFkzXZkO5zVTSgpCTdrU0HBQeaoUIYIx2dSZNaTmM3T3y3UAsO0H1-rhsBUsVTLj_AfYjFtT</recordid><startdate>200706</startdate><enddate>200706</enddate><creator>Llanso, T.</creator><creator>Barrett, G.</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>200706</creationdate><title>Automated Tracing and Integration of Security Functionality via Requirements Taxonomies, Annotations and Aspects</title><author>Llanso, T. ; Barrett, G.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i175t-f03ff773dff7f8c606922fc1421099b2775401c6dbed3e79677004225db8fc0b3</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2007</creationdate><topic>Computer industry</topic><topic>Conferences</topic><topic>Costs</topic><topic>Information security</topic><topic>Laboratories</topic><topic>Physics</topic><topic>System testing</topic><topic>Taxonomy</topic><topic>US Department of Defense</topic><topic>USA Councils</topic><toplevel>online_resources</toplevel><creatorcontrib>Llanso, T.</creatorcontrib><creatorcontrib>Barrett, G.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Llanso, T.</au><au>Barrett, G.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Automated Tracing and Integration of Security Functionality via Requirements Taxonomies, Annotations and Aspects</atitle><btitle>2007 IEEE SMC Information Assurance and Security Workshop</btitle><stitle>IAW</stitle><date>2007-06</date><risdate>2007</risdate><spage>357</spage><epage>358</epage><pages>357-358</pages><isbn>1424413036</isbn><isbn>9781424413034</isbn><eisbn>1424413044</eisbn><eisbn>9781424413041</eisbn><abstract>The investigation we describe here was motivated by our concerns relating to the time and expense of conducting such security evaluations for software intensive systems. Based on interviews we conducted with Common Criteria Laboratories (2006), we found that product evaluation times typically run in excess of 12 months and have starting costs that can easily exceed US100,000. These figures are for initial evaluations. As software products change and evolve over time, new versions of such products are subject to re-evaluation, bringing additional time and expense.</abstract><pub>IEEE</pub><doi>10.1109/IAW.2007.381955</doi><tpages>2</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISBN: 1424413036
ispartof 2007 IEEE SMC Information Assurance and Security Workshop, 2007, p.357-358
issn
language eng
recordid cdi_ieee_primary_4267583
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Computer industry
Conferences
Costs
Information security
Laboratories
Physics
System testing
Taxonomy
US Department of Defense
USA Councils
title Automated Tracing and Integration of Security Functionality via Requirements Taxonomies, Annotations and Aspects
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-10T05%3A31%3A30IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Automated%20Tracing%20and%20Integration%20of%20Security%20Functionality%20via%20Requirements%20Taxonomies,%20Annotations%20and%20Aspects&rft.btitle=2007%20IEEE%20SMC%20Information%20Assurance%20and%20Security%20Workshop&rft.au=Llanso,%20T.&rft.date=2007-06&rft.spage=357&rft.epage=358&rft.pages=357-358&rft.isbn=1424413036&rft.isbn_list=9781424413034&rft_id=info:doi/10.1109/IAW.2007.381955&rft_dat=%3Cieee_6IE%3E4267583%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&rft.eisbn=1424413044&rft.eisbn_list=9781424413041&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=4267583&rfr_iscdi=true