An application information system (IS) of public or private organization should be developed securely and cost-effectively by using security engineering and software engineering technologies, as well as a security requirement specification (SRS). We present a SRS-Process that is a development process for SRS of IS, and a SRS-Tool that is a development tool for SRS in accordance with the SRS-Process. Our approach is based on the paradigm of Common Criteria (ISO/IEC 15408), that is an international evaluation criteria for information security products, and PP which is a common security functional requirement specification for specific types of information security product. © Springer-Verlag Berlin Heidelberg 2005.
CITATION STYLE
Choi, S. S., Chae, S. Y., & Lee, G. S. (2005). SRS-tool: A security functional requirement specification development tool for application information system of organization. In Lecture Notes in Computer Science (Vol. 3481, pp. 458–467). Springer Verlag. https://doi.org/10.1007/11424826_48
Mendeley helps you to discover research relevant for your work.