CPIS-compliance Security Requirement Analysis for Software Development

机译：软件开发的CPI-Compliance安全要求分析

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

China CPIS policy is the fundamental policy of China cybersecurity strategy. Therefore, CPIS-compliance software solution is highly demanded to help organizations comply with CPIS associated policies and standards. In this paper, a CPIS-compliance security requirements analysis method for software development is proposed, which utilizes TAG to assess the attack and then develop response plan according to priority. Using TAG, controls from CPIS Baselines are introduced into software during design phase, which efficiently enhances and improves software security. A case is studied to illustrate the practicality and effectiveness of TAG method.

机译：中国CPIS政策是中国网络安全战略的基本政策。因此，CPI-Compliance软件解决方案非常苛刻，帮助组织遵守CPI相关政策和标准。在本文中，提出了一种用于软件开发的CPI对安全性需求分析方法，利用标签来评估攻击，然后根据优先级进行响应计划。使用标签，在设计阶段期间将来自CPI基线的控件引入到软件中，有效增强和提高软件安全性。研究了案例以说明标签方法的实用性和有效性。

著录项

来源
《International Conference on Machinery, Materials and Information Technology Applications》|2015年|950p|共6页
会议地点
作者
Jiang Lei; Yuan Jing; Ren Weihong; Zhao Tai;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TH-53;
关键词
Cybersecurity; Threat Modeling; Classified Protection of Information System (CPIS);

机译：网络安全;威胁建模;信息系统的分类保护（CPI）;
入库时间 2022-08-20 22:45:56

相似文献

外文文献
中文文献
专利

1. Effectiveness and performance analysis of model-oriented security requirements engineering to elicit security requirements: a systematic solution for developing secure software systems [J] . Salini P., Kanmani S. International Journal of Information Security . 2016,第3期

机译：面向模型的安全需求工程的有效性和性能分析，以得出安全需求：开发安全软件系统的系统解决方案
2. Formal analysis and design for engineering security automated derivation of formal software security specifications from goal-oriented security requirements [J] . Hassan R., Eltoweissy M., Bohner S., Software, IET . 2010,第2期

机译：工程安全的形式化分析和设计，可从面向目标的安全要求中自动得出正式的软件安全规范
3. Towards security requirements management for software product lines: A security domain requirements engineering process [J] . Daniel Mellado, Eduardo Fernandez-Medina, Mario Piattini Computer standards & interfaces . 2008,第6期

机译：迈向软件产品线的安全需求管理：安全域需求工程流程
4. CPIS-compliance Security Requirement Analysis for Software Development [C] . Jiang Lei, Yuan Jing, Ren Weihong, International Conference on Machinery, Materials and Information Technology Applications . 2015

机译：软件开发的CPI-Compliance安全要求分析
5. Exploring The Strategies Software Developers Need to Maintain Security Requirements During Agile Development Processes [D] . Campbell, John. 2019

机译：探索战略软件开发人员需要在敏捷开发过程中保持安全要求
6. A fuzzy TOPSIS based analysis toward selection of effective security requirements engineering approach for trustworthy healthcare software development [O] . Md Tarique Jamal Ansari, Fahad Ahmed Al-Zahrani, Dhirendra Pandey, 2020

机译：基于模糊的TopSis对有效安全要求工程方法的选择分析可靠性医疗软件开发
7. CPIS-compliance Security Requirement Analysis for Software Development [O] . Lei Jiang, Jing Yuan, Weihong Ren, 2015

机译：软件开发的CPI-Compliance安全要求分析

CPIS-compliance Security Requirement Analysis for Software Development

摘要

著录项

相似文献

相关主题

期刊订阅