ABSTRACT

Application security is broken down into three parts: 1) the

application in development, 2) the application in produc-

tion, and 3) the commercial off-the-shelf software (COTS)

application that is introduced into production. Each one

requires a different approach to secure the application. As

with the Common Criteria ISO 15408, one must develop a

security profile or baseline of security requirements and

level of reasonability of risk.

Registered in England & Wales No. 3099067
5 Howick Place | London | SW1P 1WG© 2024 Informa UK Limited