BS ISO/IEC 27034-7 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - APPLICATION SECURITY - PART 7: APPLICATION SECURITY ASSURANCE PREDICTION MODEL

Available format(s)

Hardcopy , PDF

Language(s)

English

Publisher

British Standards Institution

Foreword
0 Introduction to the Security
   Prediction Model
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 Prediction concepts
6 Predictions
7 Substantial changes
8 Confidence
9 Prediction Application Security Rationale
10 Prediction Application Security Rationale Audit
11 Prediction Application Security Rationale
12 Prediction Application Security Rationale
   Implementation
13 Expected Level of Trust Report
Annex A (informative) - Expected Level of Trust
        Assurance Case
Annex B (informative) - Comparison of ASC to
        Application Security Rationale
Bibliography

BS ISO/IEC 27034-7.

Committee	45
DocumentType	Draft
Pages	44
PublisherName	British Standards Institution
Status	NA

ISO/IEC/IEEE 29119-1:2013	Software and systems engineering Software testing Part 1: Concepts and definitions
ISO/IEC 27034-1:2011	Information technology — Security techniques — Application security — Part 1: Overview and concepts
ISO/IEC 19770-5:2015	Information technology — IT asset management — Part 5: Overview and vocabulary
ISO/IEC 19770-2:2015	Information technology IT asset management Part 2: Software identification tag
ISO/IEC 20009-1:2013	Information technology — Security techniques — Anonymous entity authentication — Part 1: General
ISO/IEC 15026-2:2011	Systems and software engineering — Systems and software assurance — Part 2: Assurance case
ISO/IEC 90003:2014	Software engineering Guidelines for the application of ISO 9001:2008 to computer software
ISO/IEC 27000:2016	Information technology Security techniques Information security management systems Overview and vocabulary