3/11/2020Morgan leFaye BeckerCOLORADO TECHNICAL UNIVERSITYSoftware AssuranceGuidelines DocumentCSS321-2001B-01: Software Assurance
Software Assurance Guidelines DocumentTable ofContentsTurtle Love Refuge..........................................................................................................................3Security in the Development LifeCycle (SDL)...............................................................................5Core Security Training.................................................................................................................5Requirements...............................................................................................................................6Design..........................................................................................................................................7Implementation............................................................................................................................7Verification..................................................................................................................................7Release.........................................................................................................................................8Response......................................................................................................................................8Software Assurance Techniques....................................................................................................10Software applications of TLR and possible risks......................................................................10GPS tracking database and program..........................................................................................10Turtle Love Resort website........................................................................................................10Turtle Medical Records Database..............................................................................................11Types of attacks and guidelines to prevent attacks....................................................................12Human error/sabotage................................................................................................................12Structure Query Language (SQL) injection attack....................................................................12Denial-of-Service Attack (DoS)................................................................................................13Session Hijacking......................................................................................................................14Security in Nontraditional Development Models..........................................................................16Big bang Model.........................................................................................................................16Big Bang Deployment...............................................................................................................17Software Assurance Policies and Processes..................................................................................20Bibliography..................................................................................................................................211
Software Assurance Guidelines DocumentTurtle Love RefugeTurtle Love Refuge (TLR) is a turtle medical facility that assists with the recovery andtracking of endangered turtle species off the coast of Panglao, Philippines. These guidelines areimplemented throughout the refuge and staffing. This facility is equipped with medical suppliesand staff to assist with the care and security of the animals that have been or are being cared forat the refuge. There are two herpetologists, a veterinary assistant, and one intern who specializein a range of sea turtles and other reptiles of the region. Their responsibilities will include thecare and treatment of the reptiles. Occasionally they will need to attach a GPS tracking device tothe shells of a turtle.The IT specialist is responsible for the care and maintenance of the IT equipment and thesecurity of the data of the facility. The tech team (of 2 members) will maintain the servers,medical database of the species treated, the data collected from the GPS tracking devices, andupkeep of the equipment in the facility. Equipment follows as:4-5 PCs or Laptopso1 desktop is designated for the GPS tracking databaseGPS tracking database software.Used for the website. The items on the website:Last GPS location of the turtles being trackedDonations can be made on the siteGeneral information on turtles in the regionVideo feed provided from tracking deviceso2 laptops and 1 desktop in the medical lab.Medical records of reptiles seen at the facilityMedical database of treatment and procedures8 GPS tracking deviceso4 are activeo1 is lost (tracking and reporting have failed)o3 are inactive for repairs or a new specimen.2
Software Assurance Guidelines Document1 wireless tablet1 RouteroLocated in IT office2 wireless amplifiersoUsed to amplify coverages to the beachThe IT team is responsible for developing the databases for the collected data, assigningappropriate access to the medical staffing to allow input to the database, running scheduled scansand vulnerability assessments to verify the integrity of the company, repairing and maintainingthreats that occur, and to provide training on updates that impact daily functions of the refugefacility. The IT specialist will have access to all systems and data to provide consistent updates tothe facility. They will report to the head of the facility of any compromised data.
Upload your study docs or become a
Course Hero member to access this document
Upload your study docs or become a
Course Hero member to access this document
End of preview. Want to read all 22 pages?
Upload your study docs or become a
Course Hero member to access this document
