Title :
Security considerations in the acquisition of computer systems
Author :
Pierce, Captain Charles R
Author_Institution :
Directorate of Commun.-Comput. Syst. Security, AFCSC, San Antonio, TX, USA
Abstract :
The paper describes Air Force System Security Memorandum (AFSSM) 5024, security considerations in the acquisition of computer systems, and how to go about a multidisciplinary approach for including security in any system development or acquisition. The AFSSM is a handbook for program managers providing guidance on developing security specifications for requests for proposals (RFP), including contract data requirements list (CDRL) and data items descriptions (DID). It also provides the delivery timing of resulting deliverables in the development life cycle. In addition to discussing the document, the paper describes some lessons learned from using the AFSSM´s draft versions, the status of its development and its future use
Keywords :
computer selection; security of data; software selection; acquisition; computer systems; contract data requirements list; data items descriptions; delivery timing; development life cycle; multidisciplinary approach; program managers; requests for proposals; security specifications; system development; Communication system security; Computer security; Contracts; Cryptography; Data security; Information security; Military computing; Packaging; Proposals; Timing;
Conference_Titel :
Computer Security Applications Conference, 1991. Proceedings., Seventh Annual
Conference_Location :
San Antonio, TX
Print_ISBN :
0-8186-2280-6
DOI :
10.1109/CSAC.1991.213002
