سال انتشار: ۱۳۹۱

محل انتشار: دومین کنفرانس ملی مهندسی نرم افزار

تعداد صفحات: ۸

نویسنده(ها):

Sepideh Nasiri – Islamic Azad University
Samad Mohamadi – Islamic Azad University
mohamadreza heydarnejad –
Majid Meghdadi –

چکیده:

Nowadays, technology advancement, interconnection of the computer systems is increasingly growing. Network security and under-web applications; therefore, has come to be a major challenge. It is certain that technology advancement creates its own problems. Information manipulation, as the intellectual foundation of the nations, by international organizations is considered as an interruption of the national security and action against governments. Information security in virtual environments has been underlined as one of the most important and basic foundations for development. The present paper makes attempt to introduce a framework aiming at evaluating security systems under-web in software production and final product using ESA software engineering standard and two private methods of open web application security project and Microsoft threatening model process as well as a standard general method of common criteria for information technology security evaluation