Toward a Research Software Security Maturity Model

Authors

  • Randy Heiland
  • Betsy Thomas
  • Von Welch
  • Craig Jackson
Abstract

Such statements evidence that security should indeed be a first-class consideration of the software ecosystem. In this position paper, we share some thoughts related to research software security. Our thoughts are based on the observation that security is not a binary, all-or-nothing attribute, but a range of practices and requirements depending on how the software is expected to be deployed and used. We propose that the community leverage the concept of a maturity model, and work to agree on a research software security maturity model. This model would categorize different sets of security needs of the deployment community, and provide software developers a roadmap for advancing the security maturity of their software. The intent of this paper is not to express such a comprehensive maturity model, but instead to start a conversation and set some initial requirements.


Similar resources

Security Vigilance System through Level Driven Security Maturity Model

Success of any software system largely looms upon its vigilance efficiency that prompts organizations to meet the set of objectives in the arena of networks. In the highly competitive world, everything appears to be vulnerable; information system is also not an exception to this fact. The security of information system has become a cause of great concern. On the contrary, till time the software...


Towards maturity of information security maturity criteria: six lessons learned from software maturity criteria

Traditionally, information security management standards listing generic means of protection have received a lot of attention in the field of information security management. In the background a few information security management-oriented maturity criteria have been laid down. These criteria can be regarded as the latest promising innovations on the information security checklist standard fa...


Synergies Between the Common Criteria and Process Improvement

This paper summarizes multifaceted synergies discovered between the ISO/IEC 15408 (Common Criteria) IT Security Evaluation standard, software product quality evaluation standards and the Capability Maturity Model Integration (CMMI®). In addition to serving research motivated interest, the usefulness of the synergies is demonstrated through case studies related to significant systems development...


Toward a capability maturity model for the management of outsourcing information services

Research has shown that information technology outsourcing risk and performance are a real concern in client-supplier relationships and for many organizations that have outsourced part or all of their information services, a key issue is that of the maturity level they achieved in their relationship with their suppliers. This paper proposes an adaptation of the Capability Maturity Model, widely...


A model to measure the maturity of smartphone security at software consultancies

Smartphones are proliferating into the workplace at an ever-increasing rate. Similarly the information security threats that they pose are increasing. In an era of constant connectivity and availability, information is freed up of constraints of time and place. The risks introduced by smartphones are analysed through multiple case studies, and a maturity measurement model is formulated. This m...



Journal title:
  • CoRR

Volume abs/1309.1677  Issue 

Pages  -

Publication date 2013