CPIS-compliance Security Requirement Analysis for Software Development
Authors
Lei Jiang, Jing Yuan, Weihong Ren, Tai Zhao
Corresponding Author
Lei Jiang
Available Online November 2015.
- DOI
- 10.2991/icmmita-15.2015.121How to use a DOI?
- Keywords
- Cybersecurity; Threat Modeling; Classified Protection of Information System(CPIS);
- Abstract
China CPIS policy is the fundamental policy of China cybersecurity strategy. Therefore, CPIS-compliance software solution is highly demanded to help organizations comply with CPIS associated policies and standards. In this paper, a CPIS-compliance security requirements analysis method for software development is proposed, which utilizes TAG to assess the attack and then develop response plan according to priority. Using TAG, controls from CPIS Baselines are introduced into software during design phase, which efficiently enhances and improves software security. A case is studied to illustrate the practicality and effectiveness of TAG method.
- Copyright
- © 2015, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Lei Jiang AU - Jing Yuan AU - Weihong Ren AU - Tai Zhao PY - 2015/11 DA - 2015/11 TI - CPIS-compliance Security Requirement Analysis for Software Development BT - Proceedings of the 2015 3rd International Conference on Machinery, Materials and Information Technology Applications PB - Atlantis Press SP - 624 EP - 629 SN - 2352-538X UR - https://doi.org/10.2991/icmmita-15.2015.121 DO - 10.2991/icmmita-15.2015.121 ID - Jiang2015/11 ER -