O'Reilly logo

Web Commerce Security Design and Development by Ronald L. Krutz, Hadi Nahari

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

The Systems Security Engineering Capability Maturity Model

An alternative approach to evaluating assurance is built on the capability maturity model (CMM) paradigm, which is a five-level model of increasingly mature processes and continuous improvement. The CMM originated in the Carnegie Mellon Software Engineering Institute (SEI) under the auspices of the U.S. Department of Defense (DoD).

The Systems Security Engineering Capability Maturity Model (SSE-CMM; copyright 1999 by the Systems Security Engineering Capability Maturity Model [SSE-CMM] Project) is based on the premise that if you can guarantee the quality of the processes that are used by an organization, then you can guarantee the quality of the products and services generated by those processes. It was developed by a consortium of government and industry experts and is now under the auspices of the International Systems Security Engineering Association (ISSEA) at www.issea.org. The SSE-CMM (www.sse-cmm.org/) makes the following salient points:

  • Describes those characteristics of security engineering processes essential to ensure good security engineering
  • Captures industry's best practices
  • Accepted way of defining practices and improving capability
  • Provides measures of growth in capability of applying processes

The SSE-CMM addresses the following areas of security:

  • Operations security
  • Information security
  • Network security
  • Physical security
  • Personnel security
  • Administrative security
  • Communications security
  • Emanations security ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required