Application of security principles to integration of enterprise, system and software engineering methods

Author

Weiss, Dennis A. ; Moore, Samuel E. ; Robbins, James A.

Author_Institution

Electronic Warfare Associates Canada Ltd., Ottawa, Ont., Canada

fYear

1996

fDate

21-25 Oct 1996

Firstpage

204

Lastpage

207

Abstract

A considerable amount of research and development effort by various engineering communities has been directed towards the engineering of complex Information Technology (IT) systems. As a result there are a number of non-proprietary processes, methods and tools designed to support the engineering of complex systems. A critical limitation has been the lack of examples relevant to specialist domains, particularly for secure IT systems. This paper summarizes the results of a study funded by the Government of Canada´s Communication Security Establishment to apply security principles throughout a development life cycle for a sample IT system. The study demonstrates how traditional development methods are tailored to ensure security needs are included and how different engineering methods and design criteria are integrated and managed during IT system development

Keywords

security of data; software development management; Communication Security Establishment; Information Technology; design criteria; development life cycle; engineering methods; secure IT systems; security principles; software engineering; Application software; Communication system security; Computer security; Data security; Design engineering; Government; Information security; Risk management; Software engineering; Systems engineering and theory;

fLanguage

English

Publisher

ieee

Conference_Titel

Engineering of Complex Computer Systems, 1996. Proceedings., Second IEEE International Conference on

Conference_Location

Montreal, Que.

Print_ISBN

0-8186-7614-0

Type

conf

DOI

10.1109/ICECCS.1996.558413

Filename

558413