Design Progress Management for Security Requirements in Ubiquitous Computing Using COQUALMO

  • Eun Ser Lee
  • Sang Ho Lee
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3984)


This paper estimates the development of a security process in four cases. This paper is intended to help the design lifecycle and progress management in ISO/IEC 15408 (Common Criteria). There are many defects that cause the security requirement problems during the software development. This paper explores the areas of the lifecycle and progress management that remove the security requirements and also manage the schedule and quality problems. For projects in similar domains, it is possible to remove security risk items and to manage progress by using security lifecycle and progress milestone, which can greatly improve the software process.


Security Requirement Ubiquitous Computing Common Criterion Security Objective Risk Item 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    ISO/IEC 15408-1: Information technology - Security techniques - Evaluation criteria for IT security - Part 1: Introduction and general model (1999)Google Scholar
  2. 2.
    ISO. ISO/IEC 15408-2: Information technology - Security techniques - Evaluation criteria for IT security - Part 2: Security functional requirements (1999) Google Scholar
  3. 3.
    ISO. ISO/IEC 15408-3: Information technology - Security techniques - Evaluation criteria for IT security - Part 3: Security assurance requirements (1999) Google Scholar
  4. 4.
    The Report of the President’s Commission on Critical Infrastructure Protection CCEB (Common Criteria Editorial Board), Common Criteria for Information Technology Security Evaluation, Version 2.0 (May 1998)Google Scholar
  5. 5.
    DOD (U.S. Department of Defense), Trusted Computer System Evaluation Criteria, DOD5200.28-STD, 1.0 (December 1985)Google Scholar
  6. 6.
    [ISO96] ISO/IEC Guide 65—General Requirements for Bodies Operating Product Certification Systems (1996)Google Scholar
  7. 7.
    Weiser, M.: Hot Topics: Ubiquitous Computing IEEE Computer (October 1993)Google Scholar
  8. 8.
    Weiser, M.: The Computer for the Twenty-First Century. Scientific American, 94–10 (September 1991)Google Scholar
  9. 9.
    Weiser, M.: Some Computer Science Problems in Ubiquitous Computing. Communications of the ACM, July 1993 (reprinted as Ubiquitous Computing, December 6, pp. 137–143. Nikkei Electronics (1993))Google Scholar
  10. 10.
    Boehm, B.: Software Risk Management. IEEE-CS Press, Los Alamitos (1989)Google Scholar
  11. 11.
    Boehm, B., Egyed, A., Kwan, J., Madachy, R.: Developing Multimedia Applications with the WinWin Spiral Model. In: Proceedings, ESEC/ FSE 1997. Springer, Heidelberg (1997)Google Scholar
  12. 12.
    Boehm, B., Bose, P.: A Collaborative Spiral Process Model Based on Theory W. In: Proceedings, ICSP3, p. 17. IEEE, Los Alamitos (1994)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Eun Ser Lee
    • 1
  • Sang Ho Lee
    • 2
  1. 1.Information & Media Technology InstituteSoongsil University 
  2. 2.School of ComputingSoongsil University 

Personalised recommendations