Welcome to Scribd!

TOPIC 2 Scoping The System PART 6 Security PDF

Uploaded by

0% found this document useful (0 votes)

3 views3 pages

The document outlines security requirements and actions to achieve security goals for a system. The security requirements cover authentication, authorization, audit logging, network security, code testing, and cryptography. Actions to ensure integrity include protecting software from corruption or tampering during development and execution. Confidentiality requirements prevent unauthorized access. Authentication and authorization processes validate users and determine accessible resources based on roles.

Original Description:

Original Title

TOPIC 2 Scoping the System PART 6 Security (PDF)

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

3 views3 pages

TOPIC 2 Scoping The System PART 6 Security PDF

Uploaded by

Aphelele Kwinana

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 3

Search inside document

2021/05/16

SCOPING THE SYSTEM

TOPIC 3

PART 6
Security REquirements

Security Requirements

The security requirements must cover areas such as:

• Authentication & password management
• Authorization and role management
• Audit logging & analysis
• Network & data security
• Code integrity & validation testing
• Cryptography
• Data validation

1
2021/05/16

Actions to be performed to reach security goals:

 Integrity
• Software must be protected from subversion
which may include corruption, tampering,
overwriting, destruction.
• Integrity must be preserved both during the
software development & during its execution.

 Confidentiality (including privacy)

• To prevent unauthorised access.

 Authentication / Authorisation
• Process to validate a user’s logon
information shall be enforced to manage
the access to restricted area.
• Problems faced include encryption and
storage of passwords.
• Determine what resources an authenticated person has access to.

 User roles
• Map user roles to available / permissible
functionality.
- Menus?

2
2021/05/16

Chapitre5 Cloud Security Mechanisms
Document33 pages
Chapitre5 Cloud Security Mechanisms
Wael HAMDI
No ratings yet
Chapter 2 Design Principles and Objectives For Secure Software
Document70 pages
Chapter 2 Design Principles and Objectives For Secure Software
Haya al-theyab
No ratings yet
Chapter 2 Software Security Practices
Document69 pages
Chapter 2 Software Security Practices
KUEK BOON KANG
No ratings yet
Domain 4
Document8 pages
Domain 4
Hossam Eissa
No ratings yet
Deep Security 11.0 Training For Certified Professionals: Trend Micro
Document2 pages
Deep Security 11.0 Training For Certified Professionals: Trend Micro
Nguyễn Mỹ Linh
No ratings yet
MD 100t00 Enu Powerpoint m09
Document43 pages
MD 100t00 Enu Powerpoint m09
Aresha Khan
No ratings yet
Module 09: Configuring Threat Protection: MD-100 Windows 10
Document35 pages
Module 09: Configuring Threat Protection: MD-100 Windows 10
CourageMarume
No ratings yet
Enterprise Cyber Security Fundamentals: Presented by Matt Constable
Document47 pages
Enterprise Cyber Security Fundamentals: Presented by Matt Constable
tapera_mangezi
No ratings yet
Unit 5
Document83 pages
Unit 5
excitekarthik
No ratings yet
Spring Security
Document2 pages
Spring Security
aymanmabdelsalam
No ratings yet
Cybrary CSSLP Slides
Document246 pages
Cybrary CSSLP Slides
ineba
100% (1)
MD 100T00 ENU PowerPoint - M09
Document32 pages
MD 100T00 ENU PowerPoint - M09
A
No ratings yet
Pertemuan 3 - Sesi 5 Dan 6
Document70 pages
Pertemuan 3 - Sesi 5 Dan 6
Sheila Najla
No ratings yet
04-PAM-ADMIN Access Control (Safes)
Document37 pages
04-PAM-ADMIN Access Control (Safes)
yaohang
No ratings yet
FALLSEM2021-22 CSE3501 ETH VL2021220101428 Reference Material I 04-10-2021 Mod 2 System Security-1 Jey
Document50 pages
FALLSEM2021-22 CSE3501 ETH VL2021220101428 Reference Material I 04-10-2021 Mod 2 System Security-1 Jey
harita sakkaravarthi
No ratings yet
Comptia Security+ (2008 Edition) Certification Examination Objectives
Document11 pages
Comptia Security+ (2008 Edition) Certification Examination Objectives
thoughtcancer
No ratings yet
Comptia Security+ (2008 Edition) Certification Examination Objectives
Document11 pages
Comptia Security+ (2008 Edition) Certification Examination Objectives
hmorris07
No ratings yet
Programming For Security Professionals
Document174 pages
Programming For Security Professionals
B Basit
No ratings yet
Describe Security and Compliance Concepts: 1. Describe The Shared Responsibility Model
Document71 pages
Describe Security and Compliance Concepts: 1. Describe The Shared Responsibility Model
santuchetu1
No ratings yet
Cloud Security
Document4 pages
Cloud Security
Prince Kumar Bhatia
No ratings yet
CloudComputing UNIT 4
Document83 pages
CloudComputing UNIT 4
Dank Boii
No ratings yet
Unit-2 Part-1
Document23 pages
Unit-2 Part-1
sravansibis
No ratings yet
737 Intro
Document13 pages
737 Intro
Shame Bope
No ratings yet
Slide Deck 04
Document48 pages
Slide Deck 04
Nik Suki
No ratings yet
Secure Coding - PHP v.1.1
Document137 pages
Secure Coding - PHP v.1.1
Bond James
No ratings yet
Unit5 Cloud Security
Document32 pages
Unit5 Cloud Security
Shahad Shahul
No ratings yet
Combating Internal Data Insecurity
Document14 pages
Combating Internal Data Insecurity
John Mungai
No ratings yet
Course Outline: Security Center: System Hardening Certification
Document2 pages
Course Outline: Security Center: System Hardening Certification
Oran Oran
No ratings yet
Static Code Review
Document9 pages
Static Code Review
Tolga Ulas
No ratings yet
FALLSEM2021-22 CSE3501 ETH VL2021220103874 Reference Material I 30-08-2021 Lect 9
Document21 pages
FALLSEM2021-22 CSE3501 ETH VL2021220103874 Reference Material I 30-08-2021 Lect 9
wurdig
No ratings yet
Cert-In Training Program For Government, Psus and Critical Sector Oragnizations
Document51 pages
Cert-In Training Program For Government, Psus and Critical Sector Oragnizations
Guru Prasath
No ratings yet
6a. Mobile Application Security
Document77 pages
6a. Mobile Application Security
Evanson Karimi
No ratings yet
CISSP Session 02
Document81 pages
CISSP Session 02
wfelicesc
No ratings yet
4 Security Testing
Document57 pages
4 Security Testing
Harsh Rangwani
No ratings yet
Domain4 - Security Architecture & Models
Document26 pages
Domain4 - Security Architecture & Models
drilling moneytree
No ratings yet
Pertemuan 2 - Information System Risk and Control
Document72 pages
Pertemuan 2 - Information System Risk and Control
Rey Ra
No ratings yet
Unit2 CyberSecurity Shared
Document36 pages
Unit2 CyberSecurity Shared
Anuraag
No ratings yet
CISA 27e CH 5 Protection of Information Assets
Document192 pages
CISA 27e CH 5 Protection of Information Assets
Ja'far Numeiri
No ratings yet
EMCS-602: Cybersecurity Policies & Issues
Document60 pages
EMCS-602: Cybersecurity Policies & Issues
amna zia
No ratings yet
09 - LECTURE Security Testing For Mobile and Web Apps
Document36 pages
09 - LECTURE Security Testing For Mobile and Web Apps
Teng Jun teh
No ratings yet
Intro - Web and Application Security
Document21 pages
Intro - Web and Application Security
Heenisha Lachemykanden
No ratings yet
Lecture#01 - Introduction To Information Security COncepts
Document47 pages
Lecture#01 - Introduction To Information Security COncepts
fasih
No ratings yet
Security
Document17 pages
Security
Farooq Shad
No ratings yet
Microsoft Official Course: Securing Windows Servers Using Group Policy Objects
Document35 pages
Microsoft Official Course: Securing Windows Servers Using Group Policy Objects
J Loudes Anthoo Roys
No ratings yet
Security Assessment Methodologies
Document12 pages
Security Assessment Methodologies
Sebastian Zuloaga
No ratings yet
Unit5 Cloud Security
Document32 pages
Unit5 Cloud Security
adamaloudi2017
No ratings yet
Chapter 3
Document14 pages
Chapter 3
yatharth
No ratings yet
Unit-5: Security, Standards, and Applications
Document50 pages
Unit-5: Security, Standards, and Applications
MarieFernandes
No ratings yet
Block 3 PDF
Document58 pages
Block 3 PDF
Anil Kumar
No ratings yet
BMIS 33243 Distributed Systems Management
Document44 pages
BMIS 33243 Distributed Systems Management
wirdina
No ratings yet
Fortigate Level 1
Document6 pages
Fortigate Level 1
vorn savan
No ratings yet
Teradata InfoSec Slides Defense in Depth Best Practices Pres December 2011 - FINAL
Document134 pages
Teradata InfoSec Slides Defense in Depth Best Practices Pres December 2011 - FINAL
Miguel Chia
No ratings yet
WINSEM2022-23 BCI3002 ETH VL2022230503312 Reference Material I 14-12-2022 Lecture 3 Access Control
Document23 pages
WINSEM2022-23 BCI3002 ETH VL2022230503312 Reference Material I 14-12-2022 Lecture 3 Access Control
PRATHAM SAHAY 19BCI0012
No ratings yet
FALLSEM2023-24 BCSE353E ETH VL2023240100875 2023-05-23 Reference-Material-I
Document50 pages
FALLSEM2023-24 BCSE353E ETH VL2023240100875 2023-05-23 Reference-Material-I
dsa dsa
No ratings yet
Lecture 1 Information Security Design
Document55 pages
Lecture 1 Information Security Design
Hùng Hùng Nguyễn Nguyễn
No ratings yet
FALLSEM2023-24 BCSE353E ETH VL2023240100850 2023-05-18 Reference-Material-I
Document24 pages
FALLSEM2023-24 BCSE353E ETH VL2023240100850 2023-05-18 Reference-Material-I
dsa dsa
No ratings yet
TM Apex One Training Course Overview
Document2 pages
TM Apex One Training Course Overview
Lisa
No ratings yet
CA Module 19
Document25 pages
CA Module 19
Ehab Rushdy
No ratings yet
Ppars2 Security (Pci Comp)
Document7 pages
Ppars2 Security (Pci Comp)
Alex Piasetskiy
No ratings yet
CISSP Certification Exam Study Guide: (Cerified Information Systems Security Professional)
From Everand
CISSP Certification Exam Study Guide: (Cerified Information Systems Security Professional)
Kumud Kumar
No ratings yet
TOPIC 2 Scoping The System PART 3
Document23 pages
TOPIC 2 Scoping The System PART 3
Aphelele Kwinana
No ratings yet
TOPIC 2 Scoping The System PART 5 NonFunctional PDF
Document4 pages
TOPIC 2 Scoping The System PART 5 NonFunctional PDF
Aphelele Kwinana
No ratings yet
TOPIC 2 Scoping The System PART 2
Document16 pages
TOPIC 2 Scoping The System PART 2
Aphelele Kwinana
No ratings yet
TOPIC 2 Scoping The System PART 1
Document11 pages
TOPIC 2 Scoping The System PART 1
Aphelele Kwinana
No ratings yet