Case Analysis of Legal System and Regulations according to the Needs of S/W Development Security

SeongYoon Shin; Jeong,Kil Hyun

Journal of The Korea Society of Computer and Information

Abbr : JKSCI
2014, 19(10), pp.117-124
Publisher : The Korean Society Of Computer And Information
Research Area : Computer Science

SeongYoon Shin ¹ , Jeong,Kil Hyun ²

¹ 군산대학교
² 장안대학교

ABSTRACT

Software Development Security is defined as a sequential procedure such as deleting potential securityvulnerability for secure software development, designing or implementing various functions withconsidering security, and so on. In this paper, we research on domestic or international hacking cases thatcould damage us mentally or financially. Seventy five percent of Web-site attacks abuses weak points ofapplication programs, or software. We also research on major issues related to software developmentsecurity with these demerits. And then, we propose public and private laws, regulations, or systems andgive some examples with detailed descriptions.
KEYWORDS

S/W Development Security , Security Vulnerability , Hacking Cases , Web-Site Attack
REFERENCES (12)

[journal] Lee, Hanwook / 2013 / A Study of The Robust User Authentication Methods for Memory Hacking Attacks / KIISC review 23 (6) : 67~75

[journal] 최준성 / 2012 / Defense SW Secure Coding Application Method for Cyberwarfare Focused on the Warfare System Embedded SW Application Level / 한국방위산업학회지 / 한국방위산업학회 19 (2) : 90~103

[journal] 방지호 / 2013 / Evaluation Methodology of Diagnostic Tool for Security Weakness of e-GOV Software / 한국통신학회논문지C / 한국통신학회 38 (4) : 335~343

[report] P. E. Black / 2011 / Source code security analysis tool functional specification version 1. 1 / NIST

[report] MOPAS / 2012 / Guidelines on building and operating Information Systems / MOPAS

[journal] 신성윤 / 2012 / A Study on Security Measure of Step-Wise Project / 한국정보통신학회논문지 / 한국정보통신학회 16 (11) : 2459~2464 / http://dx.doi.org/10.6109/jkiice.2012.16.11.2459

[journal] 남원희 / 2011 / A Study on Cloud Network and Security System Analysis for Enhanced Security of Legislative Authority / 한국정보통신학회논문지 / 한국정보통신학회 15 (6) : 1320~1326

[journal] G. McGraw / 1999 / Software assurance for security / IEEE Computer 32 : 103~105

[journal] G. McGraw / 2004 / Software Security Testing / IEEE Security and Privacy 2 : 81~85

[journal] B. Arkin / 2005 / Software penetration testing / IEEE Security & Privacy 3 : 84~87

[confproc] D. P. Gilliam / 2003 / Software Security Checklist for the Software Life Cycle / Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises : 243~

[web] / http://certlys82.tistory.com/57 / http://certlys82.tistory.com/57
KCI Citation (1)

KJC Korea
Journal Central

Statistics

Tools