Optimizing Quality Levels and Development Costs for Developing an Integrated Information Security System

Choi, Myeonggil; Shin, Sangmun

doi:10.1007/978-3-540-77535-5_26

Myeonggil Choi⁴ &
Sangmun Shin⁴

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4867))

Included in the following conference series:

International Workshop on Information Security Applications

1004 Accesses
1 Citations

Abstract

Increased Internet threats make many kinds of information security systems performing various functions, which can often be combined into functions of an integrated information security system. To load various functions to an integration information system, much development resources should be invested to a development life cycles. The constraints of development resources force developers not to achieve a balanced quality of the system. To attain the specified quality of the system within the given development resources, the relative weights among quality factors of the system on a development life cycle should be measured and a balance between the levels of quality and development costs should be optimized, simultaneously. This paper suggests the relative weights of the quality factors influencing operations of the system, and shows an optimal solution for the quality levels and development costs using desirability function (DF). For optimization, this paper employs AHP as multiple criteria decision making (MCDM) technique and DF.

This work was supported by the 2006 Inje University research grant.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Borror, C.M.: Mean and Variance Modeling with Qualitative Responses: A Case Study. Quality Engineering 11(1), 141–148 (1998)
Article Google Scholar
Côté, et al.: The evolution Path for Industrial Software Quality Evaluation Methods Applying ISO/IEC 9126: 2001 Quality Model: 2001 Quality Model: Example of MITRE’s SQAE Method. Software Quality Journal 13, 17–39 (2005)
Article Google Scholar
Derringer, G.C., Suich, R.: Simultaneous Optimization of Several Response Variables. Journal of Quality Technology 12, 214–219 (1980)
Google Scholar
Eloff, M., Solms, S.H.: Information Security Management, Hierarchical Framework for Various Approaches. Computers & Security 19, 243–256 (2000)
Article Google Scholar
Harrington Jr., E.C.: The Desirability Function. Industrial Quality Control 21, 494–498 (1965)
Google Scholar
Hefner, R., Monroe, W.: System Security Engineering Capability Maturity Model. In: Conference on Software Process Improvement (1997)
Google Scholar
http://www.itstv.net/broad/news_list.asp?opt=contents&wrd=&page=2&status=list
http://www.3com.com/en_US/jump_page/embedded_firewall.html
The list of certified products http://www.ncsc.go.kr/
ISO/IEC: Software Engineering-Product Quality-Part1: Quality Model (2001)
Google Scholar
Aguarón, J., et al.: The Geometric Consistency Index: Approximated threshold. European Journal of Operation Research Wood, C. and Snow, K.: ISO 9000 and information, Security, Computer & Security 147(1), 137–145 (2003)
Article MATH Google Scholar
Choi, M., et al.: An Empirical Study of Quality and Cost Based Security Engineering. In: Chen, K., Deng, R., Lai, X., Zhou, J. (eds.) ISPEC 2006. LNCS, vol. 3903, Springer, Heidelberg (2006)
Google Scholar
Varnovsky, N.P., Zakharov, V.A.: On the Possibility of Provably Secure Obfuscating Programs. In: Broy, M., Zamulin, A.V. (eds.) PSI 2003. LNCS, vol. 2890, pp. 91–102. Springer, Heidelberg (2004)
Chapter Google Scholar
Satty, T.L.: Decision Making for Leaders: The Analytical Hierarchy Process for Decision in a Complex World. RWS Publications (1995)
Google Scholar
Shin, S.M., Cho, B.R.: Trade-off Studies on Process Parameters: A Robust Design Perspective. In: The 11th Industrial Engineering Research Conference, Orlando, FL (2002)
Google Scholar
Wood, C., Snow, K.: ISO 9000 and information. Security, Computer & Security 14(4), 287–288 (1995)
Article Google Scholar

Download references

Author information

Authors and Affiliations

Department of Systems Management Engineering, INJE University, 607 Obang-dong, Gimhae, Gyeongnam, 621-749, Korea
Myeonggil Choi & Sangmun Shin

Authors

Myeonggil Choi
View author publications
You can also search for this author in PubMed Google Scholar
Sangmun Shin
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Department of Industrial Engineering, KAIST, 373-1, Guseong-dong, Yuseong-gu, 305-701, Daejeon, Korea
Sehun Kim
RSA Labs, EMC Corp. and Department of Computer Science, Columbia University,, USA
Moti Yung
Div. Computer Information of Software, Hanshin University, 411, Yangsan-dong, 447-791, Osan, Gyunggi, South Korea
Hyung-Woo Lee

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Choi, M., Shin, S. (2007). Optimizing Quality Levels and Development Costs for Developing an Integrated Information Security System. In: Kim, S., Yung, M., Lee, HW. (eds) Information Security Applications. WISA 2007. Lecture Notes in Computer Science, vol 4867. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77535-5_26

Download citation

DOI: https://doi.org/10.1007/978-3-540-77535-5_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77534-8
Online ISBN: 978-3-540-77535-5
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics