Supplement of security-related parts of ISO/IEC TR 15504

Sang Ho Kim; Choon Seong Leem; Tai Hoon Kim; Jae Sung Kim

doi:10.1007/978-3-540-39737-3_134

Supplement of security-related parts of ISO/IEC TR 15504

Sang Ho Kim, Choon Seong Leem, Tai Hoon Kim, Jae Sung Kim

Department of Industrial Engineering

Research output: Chapter in Book/Report/Conference proceeding › Chapter

2 Citations (Scopus)

Abstract

ISO/IEC TR 15504, the Software Process Improvement Capability Determination (SPICE), provides a framework for the assessment of software processes. This framework can be used by organizations involved in planning, monitoring, controlling, and improving the acquisition, supply, development, operation, evolution and support of software. But, in the ISO/IEC TR 15504, considerations for security are relatively poor to others. For example, the considerations for security related to software development and developer are lacked. In this paper we propose a process related to security by comparing ISO/IEC TR 15504 to ISO/IEC 21827 and ISO/IEC 15408. The proposed scheme may be contributed to the improvement of security for IT product or system.

Original language	English
Title of host publication	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Editors	Adnan Yazici, Cevat Sener
Publisher	Springer Verlag
Pages	1084-1089
Number of pages	6
ISBN (Print)	3540204091, 9783540397373
DOIs	https://doi.org/10.1007/978-3-540-39737-3_134
Publication status	Published - 2003

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	2869
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

All Science Journal Classification (ASJC) codes

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/978-3-540-39737-3_134

Cite this

Kim, S. H., Leem, C. S., Kim, T. H., & Kim, J. S. (2003). Supplement of security-related parts of ISO/IEC TR 15504. In A. Yazici, & C. Sener (Eds.), Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (pp. 1084-1089). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2869). Springer Verlag. https://doi.org/10.1007/978-3-540-39737-3_134

Kim, Sang Ho ; Leem, Choon Seong ; Kim, Tai Hoon et al. / Supplement of security-related parts of ISO/IEC TR 15504. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). editor / Adnan Yazici ; Cevat Sener. Springer Verlag, 2003. pp. 1084-1089 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inbook{34ef12cd672e420d9ade67eeb40bf85d,

title = "Supplement of security-related parts of ISO/IEC TR 15504",

abstract = "ISO/IEC TR 15504, the Software Process Improvement Capability Determination (SPICE), provides a framework for the assessment of software processes. This framework can be used by organizations involved in planning, monitoring, controlling, and improving the acquisition, supply, development, operation, evolution and support of software. But, in the ISO/IEC TR 15504, considerations for security are relatively poor to others. For example, the considerations for security related to software development and developer are lacked. In this paper we propose a process related to security by comparing ISO/IEC TR 15504 to ISO/IEC 21827 and ISO/IEC 15408. The proposed scheme may be contributed to the improvement of security for IT product or system.",

author = "Kim, {Sang Ho} and Leem, {Choon Seong} and Kim, {Tai Hoon} and Kim, {Jae Sung}",

year = "2003",

doi = "10.1007/978-3-540-39737-3_134",

language = "English",

isbn = "3540204091",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "1084--1089",

editor = "Adnan Yazici and Cevat Sener",

booktitle = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

address = "Germany",

}

Kim, SH, Leem, CS, Kim, TH & Kim, JS 2003, Supplement of security-related parts of ISO/IEC TR 15504. in A Yazici & C Sener (eds), Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 2869, Springer Verlag, pp. 1084-1089. https://doi.org/10.1007/978-3-540-39737-3_134

Supplement of security-related parts of ISO/IEC TR 15504. / Kim, Sang Ho; Leem, Choon Seong; Kim, Tai Hoon et al.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). ed. / Adnan Yazici; Cevat Sener. Springer Verlag, 2003. p. 1084-1089 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2869).

Research output: Chapter in Book/Report/Conference proceeding › Chapter

TY - CHAP

T1 - Supplement of security-related parts of ISO/IEC TR 15504

AU - Kim, Sang Ho

AU - Leem, Choon Seong

AU - Kim, Tai Hoon

AU - Kim, Jae Sung

PY - 2003

Y1 - 2003

N2 - ISO/IEC TR 15504, the Software Process Improvement Capability Determination (SPICE), provides a framework for the assessment of software processes. This framework can be used by organizations involved in planning, monitoring, controlling, and improving the acquisition, supply, development, operation, evolution and support of software. But, in the ISO/IEC TR 15504, considerations for security are relatively poor to others. For example, the considerations for security related to software development and developer are lacked. In this paper we propose a process related to security by comparing ISO/IEC TR 15504 to ISO/IEC 21827 and ISO/IEC 15408. The proposed scheme may be contributed to the improvement of security for IT product or system.

AB - ISO/IEC TR 15504, the Software Process Improvement Capability Determination (SPICE), provides a framework for the assessment of software processes. This framework can be used by organizations involved in planning, monitoring, controlling, and improving the acquisition, supply, development, operation, evolution and support of software. But, in the ISO/IEC TR 15504, considerations for security are relatively poor to others. For example, the considerations for security related to software development and developer are lacked. In this paper we propose a process related to security by comparing ISO/IEC TR 15504 to ISO/IEC 21827 and ISO/IEC 15408. The proposed scheme may be contributed to the improvement of security for IT product or system.

UR - http://www.scopus.com/inward/record.url?scp=0142245570&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0142245570&partnerID=8YFLogxK

U2 - 10.1007/978-3-540-39737-3_134

DO - 10.1007/978-3-540-39737-3_134

M3 - Chapter

AN - SCOPUS:0142245570

SN - 3540204091

SN - 9783540397373

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 1084

EP - 1089

BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

A2 - Yazici, Adnan

A2 - Sener, Cevat

PB - Springer Verlag

ER -

Kim SH, Leem CS, Kim TH, Kim JS. Supplement of security-related parts of ISO/IEC TR 15504. In Yazici A, Sener C, editors, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Springer Verlag. 2003. p. 1084-1089. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-540-39737-3_134

Supplement of security-related parts of ISO/IEC TR 15504

Abstract

Publication series

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this