Journal: International Journal of Computer Science & Information Technology (IJCSIT)
Print ISSN: 0975-4660
Electronic ISSN: 0975-3826
Publication year: 2012
Volume: 4
Issue: 2
Page: 83
Publisher: Academy & Industry Research Collaboration Center (AIRCC)
Abstract: Standards, models, frameworks and guidelines have been developed for secure software development, such as Common Criteria, SSE-CMM, Microsoft SDL, OpenSAMM. Current standards and models provide guidance for particular areas such as threat modelling, risk management, secure coding, security testing, verification, patch management, configuration management etc. But there is not a generally accepted model for a secure software development lifecycle. Common Criteria provides an objective evaluation methodology to validate that a product satisfies a specified set of security requirements. In this paper, the Common Criteria secure software development approach is examined and compared with other well-known standards and models.