User Account

All Pages

Create a software assurance guidelines document

Assignment Help Computer Engineering
Reference no: EM131458280

Assignemnt: Software Security

Project Selection:

The first step will be to select an organization as the target for your software assurance guidelines document. This organization will be used as the basis for each of the assignments throughout the course and should conform to the following guidelines:

• Nontrivial: The selected organization should be large enough to allow reasonable exercise of the software assurance guidelines planning process.

• Domain Knowledge: You should be familiar enough with the organization to allow you to focus on the planning tasks without significant time required for domain education.

• Accessibility: You should have access to the people and other information related to the organization. This will be an important part of the planning process.

The selected organization may already have software assurance guidelines in place and still be used as the basis for the projects in this course. The selected organization must produce software applications for the government, and is therefore subject to software assurance requirements. It is understood that such an organization may not be readily accessible. Therefore, you may feel free to identify a hypothetical organization that meets the requirements. Any necessary assumptions may be made to fulfill the requirements of organization selection.

Select an existing organization, or identify a hypothetical organization that fits the requirements listed above. Submit your proposal to your instructor before proceeding further with the assignments in the course. Approval should be sought within the first several days of the course. Your instructor will tell you how to submit this proposal and what notification will be given for project approval.

Assignment:

For the assignments in this course, you will not be implementing any software assurance policies or procedures. You will be developing a comprehensive software assurance guidelines document. Your first task in this process will be to select an organization (or identify a hypothetical organization) to use as the basis of your projects. You will also create the shell document for the final project deliverable that you will be working on during each unit. As you proceed through each project phase, you will add content to each section of the final document to gradually complete the final project deliverable. Appropriate research should be conducted to support the development of your guideline document, and assumptions may be made when necessary.

The project deliverables are the following:

• Submit your organization proposal to instructor for approval.
• Create a software assurance guidelines document shell in Word. It should include the following:

o Create a title page

- Course number and name
- Project name
- Student name
- Date

o Table of contents (TOC)

- Use autogenerated TOC
- Separate page
- Maximum of 3 levels deep
- Update the TOC before submitting your project

o Section headings (create each heading on a new page with "TBD" as content, except for sections listed under New Content below)

- Project Outline
- Security in the Development Life Cycle
- Software Assurance Techniques
- Security in Nontraditional Development Models
- Security Static Analysis
- Software Assurance Policies and Processes

o New Content

- Project outline and requirements
- Brief description of the organization (can be hypothetical) and where the guidelines will be implemented
- Company size, location(s), and other pertinent information
- List of the software applications provided by the company for the government
- The software list must include at least 1 desktop and 1 Web application.
- A database must be used with one of the applications.
- A summary of the software development organization within the company, employees and reporting structure, systems and technologies used for software development, testing, source control, and document storage
- Material can be taken from the approved proposal that was submitted to the instructor (ensure that this project is approved by the instructor).
- Security in the development life cycle
- Provide an outline of the SDLC model that is used in your organization, including each of the major phases.
- This should be a traditional SDLC. Extended models, such extreme programming, will be covered in a later section.
- Identify specific components of the security development model that can be applied to each of the phases of your SDLC model.
- For each pairing of security development model component to SDLC model phase, describe how the security model is applied and the major tasks that are involved.

Reference no: EM131458280

Questions Cloud

Describe component of comprehensive business continuity plan : Describe the key components of a comprehensive business continuity plan for an attack or incident which could affect Sunshine Machine Work's network and data.
Compute the value using risk-neutral valuation : Use Figure. Consider a European call option on the three-period zerocoupon bond with maturity time 1 and strike price of k = $0.90. Compute the value using risk
What are the elements of a hostile work environment claim : Identify whether John can make a prima facie case of hostile work environment by identifying the elements required to bring a cause of action for discrimination
Discuss some aspect of women and leadership : Locate two current articles from the past year that discuss some aspect of women and leadership.
Create a software assurance guidelines document : Create a software assurance guidelines document shell in Word. Select an existing organization, or identify a hypothetical organization that fits requirements.
Does the modern union need to redefine its role : Does the modern union need to redefine its role and purpose to effectively serve its membership?How does the presence of a union influence.
What is a trading strategy : In the caplet example, suppose the traded caplet has a market price of $0.002. What is a trading strategy that will generate an arbitrage opportunity?
Transformational-transactional leadership in organization : Evaluate the role and effectiveness of transformational and transactional leadership in the organization. Support your (claims, points?) with examples (from?).
How will you determine their readiness for training : Assume you have to prepare older employees with little computer experiences to attend a training course on how to use the internet.

Reviews

Write a Review

Computer Engineering Questions & Answers

  Mathematics in computing

Binary search tree, and postorder and preorder traversal Determine the shortest path in Graph

  Ict governance

ICT is defined as the term of Information and communication technologies, it is diverse set of technical tools and resources used by the government agencies to communicate and produce, circulate, store, and manage all information.

  Implementation of memory management

Assignment covers the following eight topics and explore the implementation of memory management, processes and threads.

  Realize business and organizational data storage

Realize business and organizational data storage and fast access times are much more important than they have ever been. Compare and contrast magnetic tapes, magnetic disks, optical discs

  What is the protocol overhead

What are the advantages of using a compiled language over an interpreted one? Under what circumstances would you select to use an interpreted language?

  Implementation of memory management

Paper describes about memory management. How memory is used in executing programs and its critical support for applications.

  Define open and closed loop control systems

Define open and closed loop cotrol systems.Explain difference between time varying and time invariant control system wth suitable example.

  Prepare a proposal to deploy windows server

Prepare a proposal to deploy Windows Server onto an existing network based on the provided scenario.

  Security policy document project

Analyze security requirements and develop a security policy

  Write a procedure that produces independent stack objects

Write a procedure (make-stack) that produces independent stack objects, using a message-passing style, e.g.

  Define a suitable functional unit

Define a suitable functional unit for a comparative study between two different types of paint.

  Calculate yield to maturity and bond prices

Calculate yield to maturity (YTM) and bond prices

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd