Loading...
Sharif repository-A threatened-based software security evaluation method
Razian, M. R ; Sharif University of Technology
515
Viewed
- Type of Document: Article
- DOI: 10.1109/ISCISC.2014.6994034
- Abstract:
- Nowadays, security evaluation of software is a substantial matter in software world. Security level of software will be determined by wealth of data and operation which it provides for us. The security level is usually evaluated by a third party, named Software Security Certification Issuance Centers. It is important for software security evaluators to perform a sound and complete evaluation, which is a complicated process considering the increasing number of emerging threats. In this paper we propose a Threatened-based Software Security Evaluation method to improve the security evaluation process of software. In this method, we focus on existing threatened entities of software which in turn result in software threats and their corresponding controls and countermeasures. We also demonstrate a Security Evaluation Assistant (SEA) tool to practically show the effectiveness of our evaluation method
- Keywords:
- Software ; Computer software ; Control ; Assessment ; Evaluation ; Security ; Security certification ; Software security ; Threat ; Threatened ; Security of data
- Source: International ISC Conference on Information Security and Cryptology, ISCISC(11th: 2014:) ; Sept , 2014 , p. 120-125
- URL: http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=6994034&url=http%3A%2F%2Fieeexplore.ieee.org%2Fiel7%2F6975720%2F6994006%2F06994034.pdf%3Farnumber%3D6994034