A Practical Model for Rating Software Security

2013 IEEE Seventh International Conference on Software Security and Reliability Companion Pub Date : 2013-06-18 DOI:10.1109/SERE-C.2013.11

Haiyun Xu, Jeroen Heijmans, Joost Visser

引用次数: 20

Abstract

This paper introduces a model for rating software security based on the ISO 25010 standard for software product quality. To rate software security, the authors define eleven system properties, which reflect how a typical software product addresses the confidentiality, integrity, non-repudiation, accountability and authenticity. The paper presents these properties, how to rate them, and how to aggregate the ratings.

查看原文本刊更多论文

一个实用的软件安全评价模型

介绍了一种基于ISO 25010软件产品质量标准的软件安全评价模型。为了评估软件安全性，作者定义了11个系统属性，这些属性反映了典型软件产品如何处理机密性、完整性、不可否认性、可问责性和真实性。本文介绍了这些属性，如何对它们进行评级，以及如何对评级进行汇总。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2013 IEEE Seventh International Conference on Software Security and Reliability Companion

自引率

0.00%

发文量