Abstract
Acceptance criteria define the degree of quality required and identify areas to be examined in evaluating the degree of quality. Three categories of computer security acceptance criteria are proposed: functionality, performance, and development method. Each is further divided into sub-categories. Aids in formulating requirements and criteria are noted, including the use of organizational policies and risk analysis methods. Quantification is shown as a volatile tool, since numbers are often treated as single data points rather than as ranges. A set of principles is presented, to be followed in formulating acceptance criteria. Illustrative principles are as follows: (1) Get a good start, (2) make sure everyone understands, (3) distinguish shall from should, and (4) explain why. The acceptance determination process is discussed, a key point being that intermediate products must be approved. The value of acceptance criteria is in making the product better and the judgment easier.
Cite
Neugent, W. (1982). Acceptance criteria for computer security. In AFIPS Conference Proceedings - 1982 National Computer Conference, AFIPS 1982 (pp. 441–448). Association for Computing Machinery, Inc. https://doi.org/10.1145/1500774.1500830