System and method for measuring and enforcing security policy compliance for software during the development process of the software
First Claim
Patent Images
1. A computer program product for managing compliance to security policy for software being developed, wherein the security policy is set and comprises one or more security requirements and the software is required to comply with the security policy, the computer program product including a computer-readable storage medium encoded with program logic for allowing the following computer-executable steps to occur:
- (a) measuring compliance to the security policy by the software being developed, wherein measuring compliance includes checking for digital signatures, computer viruses, or trojan horses;
wherein the security policy enables security requirements for design, development, and quality assurance of the software being developed;
(b) creating a scorecard of the measured compliance of the software being developed to the one or more security requirements of the security policy in step (a); and
(c) using the scorecard created in step (b) to enforce the security policy by ensuring that the software being developed meets a predetermined level of compliance as measured by the scorecard including verifying compliance criteria for digital signatures, computer viruses, or trojan horses.
9 Assignments
0 Petitions
Accused Products
Abstract
A method, computer program product, and apparatus for managing compliance to security policy by measuring it and enforcing security policy compliance based on the measurement for software under development.
-
Citations
7 Claims
-
1. A computer program product for managing compliance to security policy for software being developed, wherein the security policy is set and comprises one or more security requirements and the software is required to comply with the security policy, the computer program product including a computer-readable storage medium encoded with program logic for allowing the following computer-executable steps to occur:
-
(a) measuring compliance to the security policy by the software being developed, wherein measuring compliance includes checking for digital signatures, computer viruses, or trojan horses;
wherein the security policy enables security requirements for design, development, and quality assurance of the software being developed;(b) creating a scorecard of the measured compliance of the software being developed to the one or more security requirements of the security policy in step (a); and (c) using the scorecard created in step (b) to enforce the security policy by ensuring that the software being developed meets a predetermined level of compliance as measured by the scorecard including verifying compliance criteria for digital signatures, computer viruses, or trojan horses. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeEmc IP Holding Company LLC (Dell Technologies Inc.)
-
Original AssigneeEMC Corporation (Dell Technologies Inc.)
-
InventorsAlbertson, Jamie, Baize, Eric
-
Primary Examiner(s)Cervetti; David Garcia
-
Application NumberUS11/393,396Time in Patent Office1,846 DaysField of Search726/1, 726/6US Class Current726/1CPC Class CodesG06F 21/562 Static detectionG06F 21/577 Assessing vulnerabilities a...G06F 2221/2101 Auditing as a secondary aspectH04L 63/145 the attack involving the pr...
