Design Progress Management for Security Requirements in Ubiquitous Computing Using COQUALMO
This paper estimates the development of a security process in four cases. It is intended to help the design lifecycle and progress management in ISO/IEC 15408 (Common Criteria). Many defects cause security requirement problems during software development. This paper explores the areas of the lifecycle and progress management that remove the security requirements and also manage the schedule and quality problems. For projects in similar domains, it is possible to remove security risk items and to manage progress by using a security lifecycle and progress milestones, which can greatly improve the software process.
Keywords: Security Requirement, Ubiquitous Computing, Common Criterion, Security Objective, Risk Item