頁籤選單縮合
題 名 | 安全軟體開發生命週期設計階段最佳實務之探討=A Study on the Best Practices of Design Phase in Secure Software Development Life Cycle |
---|---|
作 者 | 陳振楠; 伍台國; 林宜隆; 楊博閔; | 書刊名 | 臺東大學綠色科學學刊 |
卷 期 | 1:1 2011.05[民100.05] |
頁 次 | 頁61-78 |
分類號 | 312.49 |
關鍵詞 | 安全軟體開發生命週期; 非功能需求; 風險管理; 軟體漏洞; 資訊安全; Secure software development lifecycle; Non-functional requirements; Risk management; Software vulnerabilities; Information security; |
語 文 | 中文(Chinese) |
中文摘要 | 資訊科技的發達,資訊安全的問題對於人類生活的衝擊愈來愈嚴重,因為網路入侵攻擊以及軟體系統本身的漏洞所造成的危害,使得軟體系統的安全性目標一再遭受破壞,因此如何改善軟體系統的安全性,已是值得探討的課題。由於軟體系統的安全性屬於非功能性需求,愈早在軟體開發生命週期中導入安全性的思維,執行安全性動作,不但可以減少漏洞修補的成本,更可以大幅提升軟體系統的安全性。本文探討安全軟體開發生命週期最佳實務,並著重於設計階段,藉由風險管理的概念改善目前安全軟體開發生命週期所欠缺的完整性,以提升軟體系統的安全性。 |
英文摘要 | As information technology got rapidly developed and highly utilized, the impacts of information security for everyone,s daily life became significant and serious. Since attackers often take advantage of software vulnerabilities to perform successful intrusions, the defenders must improve software security to avoid being compromised repeatedly. When non-functional requirements such as security controls are considered early in the software development lifecycle, it not only greatly reduces the cost of fixing security bugs at the production stage, but also comprehensively and effectively addresses the overall security of the developed software. This paper covers best practices throughout the secure software development lifecycle (SSDLC) with emphasis on security design and additional concepts. |
本系統中英文摘要資訊取自各篇刊載內容。