Explore BrainMass

Explore BrainMass

    Focuses on Development Methodology

    This content was COPIED from BrainMass.com - View the original, and get the already-completed solution here!

    Type-1 certification (TOP SECRET) focuses on Development Methodology. How would you address this certification issue with your hypothetical company (any company) for your system (for example: operating system) that you are trying to certify at the TOP SECRET level? This certification issue focuses on two areas: (a) Software Development Process and (b) Life Cycle Model.

    Hint: Remember; you are focusing on security as your top priority for this case and not necessarily performance. (All the external information (outside of your textbook) you need to answer this question is on the Internet (you can also use other textbooks and hardcopy documentation as well as the Internet) and you don't need a security background on this subject. This is a capstone question to get you thinking as a computer security system designer for information assurance.

    © BrainMass Inc. brainmass.com October 10, 2019, 3:14 am ad1c9bdddf

    Solution Preview

    An example of how I would address this certification issue
    Top Secret level provides a means to establish access controls for the information in the system that is to be designed, created, and implemented. The objective is to restrict access to unauthorized users and/or programs. The Top Secret category is "Confidential". Therefore, the system has System Level Access Controls that focus on two areas: (a) Software Development Process and (b) Life Cycle Model to provide restricted access to unauthorized users and/or programs.
    "Discretionary Access Control restricts access to objects (files, data, and programs) based on the identity of the subject (user or program) (S., & J., 2003).
    Mandatory Access Control restricts access to ...

    Solution Summary

    The expert examines how to address certification issues with a hypothetical company.