My Account Log in

1 option

Security considerations in the information system development life cycle / T. Grance, J. Hash, M. Stevens.

National Institute of Standards and Technology (NIST) Publications Available online

View online
Format:
Book
Government document
Author/Creator:
Grance, T., author.
Contributor:
Grance, T.
Hash, J.
Stevens, M.
National Institute of Standards and Technology (U.S.). Computer Security Division.
Series:
NIST special publication ; 800-64.
NIST special publication ; 800-64
Language:
English
Genre:
Technical reports.
Physical Description:
1 online resource.
Place of Publication:
Gaithersburg, MD : U.S. Dept. of Commerce, National Institute of Standards and Technology, 2003.
System Details:
text file
Summary:
The need to provide protection for federal information systems has been present since computers were first used. Including security early in the acquisition process for an information system will usually result in less expensive and more effective security than adding it to an operational system once it has entered service. This guide presents a framework for incorporating security into all phases of the information system development life cycle (SDLC) process, from initiation to disposal. This document is a guide to help organizations select and acquire cost-effective security controls by explaining how to include information system security requirements in the SDLC.Five phases of a general SDLC are discussed in this guide and include the following phases: initiation, acquisition/development, implementation, operations/maintenance, and disposition. Each of these five phases includes a minimum set of security steps needed to effectively incorporate security into a system during its development. An organization will either use the general SDLC described in this document or will have developed a tailored SDLC that meets their specific needs. In either case, NIST recommends that organizations incorporate the associated IT security steps of this general SDLC into their own development process.
Notes:
2003.
Contributed record: Metadata reviewed, not verified. Some fields updated by batch processes.
Superseded by NIST Special Publication 800-64r1.
Title from PDF title page.
Includes bibliographical references.
OCLC:
927736143
Publisher Number:
GOVPUB-C13-41396cfef51bfa73496026b36b1ec1c7
Access Restriction:
Open Access Unrestricted online access

The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.

Find

Home Release notes

My Account

Shelf Request an item Bookmarks Fines and fees Settings

Guides

Using the Find catalog Using Articles+ Using your account