Software Security Checklist for the Software Life Cycle

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by David P. Gilliam Articles by Thomas L. Wolfe Articles by Josef S. Sherif Articles by Matt Bishop

Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises

Linz, Austria

June 09-June 11

ISBN: 0-7695-1963-6

	ASCII Text	x
	David P. Gilliam, Thomas L. Wolfe, Josef S. Sherif, Matt Bishop, "Software Security Checklist for the Software Life Cycle," Enabling Technologies, IEEE International Workshops on, pp. 243, Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003.

	BibTex	x
	@article{ 10.1109/ENABL.2003.1231415, author = {David P. Gilliam and Thomas L. Wolfe and Josef S. Sherif and Matt Bishop}, title = {Software Security Checklist for the Software Life Cycle}, journal ={Enabling Technologies, IEEE International Workshops on}, volume = {0}, year = {2003}, issn = {1080-1383}, pages = {243}, doi = {http://doi.ieeecomputersociety.org/10.1109/ENABL.2003.1231415}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Enabling Technologies, IEEE International Workshops on TI - Software Security Checklist for the Software Life Cycle SN - 1080-1383 SP EP A1 - David P. Gilliam, A1 - Thomas L. Wolfe, A1 - Josef S. Sherif, A1 - Matt Bishop, PY - 2003 KW - null VL - 0 JA - Enabling Technologies, IEEE International Workshops on ER -

David P. Gilliam, California Institute of Technology

Thomas L. Wolfe, California Institute of Technology

Josef S. Sherif, California Institute of Technology

Matt Bishop, University of California at Davis

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ENABL.2003.1231415

A formal approach to security in the software life cycle is essential to protect corporate resources. However, little thought has been given to this aspect of software development. Traditionally, software security has been treated as an afterthought leading to a cycle of ?penetrate and patch.? Due to its criticality, security should be integrated as a formal approach in the software life cycle. Both a software security checklist and assessment tools should be incorporated into this life cycle process. The current research at JPL addresses both of these areas through the development of a Software Security Assessment Instrument (SSAI). This paper focuses on the development of a Software Security Checklist (SSC) for the life cycle. It includes the critical areas of requirements gathering and specification, design and code issues, and maintenance and decommissioning of software and systems.

Citation:

David P. Gilliam, Thomas L. Wolfe, Josef S. Sherif, Matt Bishop, "Software Security Checklist for the Software Life Cycle," wetice, pp.243, Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.