Title:
|
SECURITY OF SOFTWARE OUTSOURCING IN MILITARY AND GOVERNMENT AGENCIES |
Author(s):
|
Luke Ho , Anthony Atkins |
ISBN:
|
972-8924-02-X |
Editors:
|
Pedro Isaías and Miguel Baptista Nunes |
Year:
|
2005 |
Edition:
|
1 |
Keywords:
|
Security, Outsourcing, Military, Government, Risk Management. |
Type:
|
Full Paper |
First Page:
|
347 |
Last Page:
|
355 |
Language:
|
English |
Cover:
|
|
Full Contents:
|
click to dowload
|
Paper Abstract:
|
The use of Commercial Off The Shelf (COTS) software is increasingly commonplace in Military and Government Agencies (MGAs) in various domains, such as military simulation. The recently commissioned Aegis class destroyer USS Pinckney of the US Navy for example, is completely outfitted with COTS-based technology, instead of the previously all legacy military-specific computers and software. In order to exploit reduced development costs, traditional defence contractors have begun to subcontract their software development to lower tier and sometimes foreign vendors. This increases the potential number of software developers involved, which results in greater exposure and further opportunities for malicious tampering by hostile individuals or organisations. The issues of software security, particularly with COTS software and the utilisation of Outsourced Software Development (OSD), is consequently a concern to many MGAs. This paper discusses a number of issues regarding the use of COTS software and OSD within MGAs, and highlights a variety of risk management techniques to help identify, control and ultimately minimise the associated risks. Specifically, there is no silver bullet to software security and the ideal solution may instead be a blended approach that incorporates improved collection of information on software developers and periodical reassessments. |
|
|
|
|