Software Security Maturity in Public Organisations

2015 ◽  
pp. 120-138 ◽  
Author(s):  
Martin Gilje Jaatun ◽  
Daniela S. Cruzes ◽  
Karin Bernsmed ◽  
Inger Anne Tøndel ◽  
Lillian Røstad
Keyword(s):  
Software Security ◽  
Public Organisations

Risk Centric Activities in Secure Software Development in Public Organisations

2017 ◽  
Vol 8 (4) ◽  
pp. 1-30 ◽  
Author(s):  
Inger Anne Tøndel ◽  
Martin Gilje Jaatun ◽  
Daniela Soares Cruzes ◽  
Nils Brede Moe
Keyword(s):  
Software Development ◽  
Software Security ◽  
Development Projects ◽  
Security Risks ◽  
Security Issues ◽  
Security Practices ◽  
Secure Software Development ◽  
Public Organisations ◽  
Stakeholder Cooperation

When working with software security in a risk-centric way, development projects become equipped to make decisions on how much security to include and what type of security pays off. This article presents the results of a study made among 23 public organisations, mapping their risk-centric activities and practices, and challenges for implementing them. The authors found that their software security practices were not based on an assessment of software security risks, but rather driven by compliance. Additionally, their practices could in many cases be characterised as arbitrary, late and error driven, with limited follow up on any security issues throughout their software development projects. Based on the results of the study, the authors identified the need for improvements in three main areas: responsibilities and stakeholder cooperation; risk perception and competence; and, practical ways of doing risk analysis in agile projects.

IMPROVING MECHANISMS OF COOPERATION BETWEEN THE STATE BORDER SERVICE OF UKRAINE, PUBLIC ORGANISATIONS AND POPULATION

2018 ◽  
Vol 1 (11) ◽  
pp. 91-101
Author(s):  
Iakiv Serhiiovych Halaniuk
Keyword(s):  
Political Stability ◽  
Subject Area ◽  
The State ◽  
Military Force ◽  
Border Area ◽  
Public Control ◽  
The Public ◽  
Mechanism Model ◽  
Public Organisations ◽  
The Military

The article highlights the author’s approach to improving coopera- tion mechanisms of the State Border Service of Ukraine with public organiza- tions and population. There has been analyzed public control as a means their cooperation and priorities of improving the cooperation, particularly, forms and methods of organizing citizens’ feedback, introduction of the assessment pro- cedure of the efficiency of the SBSU and population and public organization. There have been stated conceptual pillars of the public control development in the SBSU, developed by the author, including public control forms and resource provision. There has been considered a mechanism algorithm of the public par- ticipation in the development of the border administration through submitting petitions or proposals concerning a legally enforceable enactment draft (or the legally enforceable enactment currently in force). There has been represented a mechanism model of discussing legally enforceable enactments and public peti- tions, developed by the author. It is noted that one of the mechanisms of interac- tion of the SBSU with the public is effective public control, which becomes an in- tegral part of ensuring national security and political stability. The conditions of permanence of Ukraine's threats in the border area, and in certain areas and their exacerbation, along with further reforms of the institutes of Ukrainian statehood, cause the problem of establishing and implementing public control in the border area as an important and urgent one.It is proved that public control is intended to determine the correctness of the military-force policy in the border area, the validity of the scale and optimality of the forms of activity of the border guards. In accordance with all this, in the subject area of public control should be: political decisions on issues of border security, including international agreements; the expediency and validity of government programs for the provision and reform of the border authorities of Ukraine, assess- ment of the effectiveness of these programs and the procedure for making changes to them.

Trace Effect Analysis for Software Security

2010 ◽  
Author(s):  
Christian Skalka
Keyword(s):  
Software Security ◽  
Effect Analysis

The Law and Economics of Software Security

2006 ◽  
Author(s):  
Robert W. Hahn ◽  
Anne Layne-Farrar
Keyword(s):  
Law And Economics ◽  
Software Security ◽  
The Law

POLLUTION PREVENTION AND POLITICS — THE RECENT EXPERIENCE IN SYDNEY

1994 ◽  
Vol 30 (1) ◽  
pp. 13-22 ◽  
Author(s):  
G. G. O'Loughlin
Keyword(s):  
State Government ◽  
Pollution Abatement ◽  
Pollution Prevention ◽  
Water Runoff ◽  
Recent Experience ◽  
Political Factors ◽  
Storm Water Runoff ◽  
South Wales ◽  
Administrative Change ◽  
Public Organisations

The New South Wales State Government has embarked on a multi-billion dollar programme of pollution abatement in Sydney, The socio-economic and political factors which have prompted this are described, These illustrate the complexities of dealing with pollution problems while social values alter, public organisations experience administrative change and financial pressures, and politicians try to balance environmental and economic objectives, The technical progress of the Sydney initiatives to reduce storm water runoff and sewer overflow pollution is also outlined.

A Systematic Review and Catalog of Security Metric during the Secure Software Development Life Cycle

2020 ◽  
Vol 13 ◽  
Author(s):  
Sampada G.C ◽  
Tende Ivo Sake ◽  
Amrita
Keyword(s):  
Systematic Review ◽  
Life Cycle ◽  
Software Development ◽  
Software Security ◽  
Security Assessment ◽  
Security Metrics ◽  
Development Life Cycle ◽  
Development Processes ◽  
Secure Software Development ◽  
Software Development Life Cycle

Background: With the advancement in the field of software development, software poses threats and risks to customers’ data and privacy. Most of these threats are persistent because security is mostly considered as a feature or a non-functional requirement, not taken into account during the software development life cycle (SDLC). Introduction: In order to evaluate the security performance of a software system, it is necessary to integrate the security metrics during the SDLC. The appropriate security metrics adopted for each phase of SDLC aids in defining the security goals and objectives of the software as well as quantify the security in the software. Methods: This paper presents systematic review and catalog of security metrics that can be adopted during the distinguishable phases of SDLC, security metrics for vulnerability and risk assessment reported in the literature for secure development of software. The practices of these metrics enable software security experts to improve the security characteristics of the software being developed. The critical analysis of security metrics of each phase and their comparison are also discussed. Results: Security metrics obtained during the development processes help to improve the confidentiality, integrity, and availability of software. Hence, it is imperative to consider security during the development of the software, which can be done with the use of software security metrics. Conclusion: This paper reviews the various security metrics that are meditated in the copious phases during the progression of the SDLC in order to provide researchers and practitioners with substantial knowledge for adaptation and further security assessment.

scholarly journals Analysis of Software Security level based on system clustering and correlation

2021 ◽  
Vol 1848 (1) ◽  
pp. 012133
Author(s):  
Shizhuang Yin ◽  
Quan Shi ◽  
Yadong Wang ◽  
Shuai Wang ◽  
Weiyi Wu
Keyword(s):  
Software Security ◽  
Security Level ◽  
System Clustering
Sign in / Sign up

Export Citation Format

Share Document