A transaction flow approach to software security certification for document handling systems

A transaction flow approach to software security certification for document handling systems

A security certification method is described for a document handling system for a major government organization. The security evaluation process includes identification of the exposures of the system, determination of the controls that cover those exposures, and evaluation of the appropriateness and...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Computers & security 1988-10, Vol.7 (5), p.495-502
Hauptverfasser: Pfleeger, Charles P., Pfleeger, Shari Lawrence
Format: Artikel
Sprache:eng
Schlagworte:
Certification
Control
Cybersecurity
Data flow
Evaluation
Exposure
Security
Software
Transaction
Validation
Verification
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A security certification method is described for a document handling system for a major government organization. The security evaluation process includes identification of the exposures of the system, determination of the controls that cover those exposures, and evaluation of the appropriateness and effectiveness of the controls. Included are the details of the analysis performed and the types of results expected in that analysis, both of which constitute the basic evaluation of the document handling system. The certification analysis approach can be extended naturally to other types of computing systems.
ISSN:0167-4048
1872-6208
DOI:10.1016/0167-4048(88)90203-9