检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:顾先华 施勇[1] 薛质[1] GU Xian-hua;SHI Yong;XUE Zhi(School of Electronic Information and Electrical Engineering,Shanghai Jiao Tong University,Shanghai 200240,China)
机构地区:[1]上海交通大学电子信息与电气工程学院
出 处:《通信技术》2020年第1期225-229,共5页Communications Technology
基 金:国家重点研发计划项目“网络空间安全”重点专项(No.2017YFB0803200)~~
摘 要:近年来,国内有大量互联网企业开始实施安全软件开发生命周期(S-SDLC)。高安全软件的可用性较差,敏捷开发的连续性受限等反面效果阻碍了S-SDLC的推进。为了提高对S-SDLC的认同感和重视程度,面向安全负责人进行意见收集,根据安全基本属性和产品开发风险相关因素,使用层次分析法(AHP)进行评估分析,得出S-SDLC流程步骤是S-SDLC落实过程中的最大影响因素。最后进行案例分析,对某企业的S-SDLC落地实施进行改进。In recent years,a large number of domestic Internet companies have begun to implement the Security Software Development Life Cycle(S-SDLC).However,adverse effects such as poor availability of high security software and limited continuity of agile development have hindered the advancement of S-SDLC.In order to improve the recognition and importance of S-SDLC,opinions from security leaders are collected.According to the basic security attributes and product development risk-related factors,an analytic hierarchy process(AHP)is used for evaluation and analysis,and it is concluded that the S-SDLC process steps are the biggest influencing factors in the implementation of S-SDLC.Finally,a case study is conducted to improve the implementation of S-SDLC implementation of a certain company.
关 键 词:网络安全 安全软件开发生命周期 安全软件敏捷开发生命周期 层次分析法
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.49
