Toward a Research Software Security Maturity Model
Authors
Abstract
Such statements evidence that security should indeed be a first-class consideration of the software ecosystem. In this position paper, we share some thoughts related to research software security. Our thoughts are based on the observation that security is not a binary, all-or-nothing attribute, but a range of practices and requirements depending on how the software is expected to be deployed and used. We propose that the community leverage the concept of a maturity model, and work to agree on a research software security maturity model. This model would categorize different sets of security needs of the deployment community, and provide software developers a roadmap for advancing the security maturity of their software. The intent of this paper is not to express such a comprehensive maturity model, but instead to start a conversation and set some initial requirements.
Similar resources
Security Vigilance System through Level Driven Security Maturity Model
Success of any software system largely looms upon its vigilance efficiency that prompts organizations to meet the set of objectives in the arena of networks. In the highly competitive world, everything appears to be vulnerable; information system is also not an exception to this fact. The security of information system has become a cause of great concern. On the contrary, till time the software...
Towards maturity of information security maturity criteria: six lessons learned from software maturity criteria
Traditionally, information security management standards listing generic means of protection have received a lot of attention in the field of information security management. In the background a few information security management-oriented maturity criteria have been laid down. These criteria can be regarded as the latest promising innovations on the information security checklist standard fa...
Synergies Between the Common Criteria and Process Improvement
This paper summarizes multifaceted synergies discovered between the ISO/IEC 15408 (Common Criteria) IT Security Evaluation standard, software product quality evaluation standards and the Capability Maturity Model Integration (CMMI®). In addition to serving research motivated interest, the usefulness of the synergies is demonstrated through case studies related to significant systems development...
Toward a capability maturity model for the management of outsourcing information services
Research has shown that information technology outsourcing risk and performance are a real concern in client-supplier relationships and for many organizations that have outsourced part or all of their information services, a key issue is that of the maturity level they achieved in their relationship with their suppliers. This paper proposes an adaptation of the Capability Maturity Model, widely...
A model to measure the maturity of smartphone security at software consultancies
Smartphones are proliferating into the workplace at an ever-increasing rate. Similarly the information security threats that they pose are increasing. In an era of constant connectivity and availability, information is freed up of constraints of time and place. The risks introduced by smartphones are analysed through multiple cases studies, and a maturity measurement model is formulated. This m...
Journal title:
- CoRR
Volume abs/1309.1677 Issue
Pages -
Publication date 2013