The System Development Life Cycle is a complex process. The most effective way to protect information systems is to integrate security into every step of the system development process. The reason for this project is to develop a system to is disposition. This fully layered process has many stages. These stages are: initiation, analysis, design, implementation, maintenance and disposal of the system. Let’s take a look at each step in detail.
The Initiation phase when the need for a system is expressed and the system purpose and high-level requirements are documented. During this phase, the company or organization established the need for a system or document and its purpose. When planning for security purposes, the plan should begin in the initiation phase with identification of key roles that need to be carried out in the system. This particular system is the development system. This information is to now be, processed, transmitted, or stored and evaluated for those security requirements explained earlier.
Next comes the development phase. During the development phase, the system takes multiple steps. Design, purchased, programmed, developed and constructed are those steps. Security activity in this phase is conducted and a risk free assessment is give and is used for the results to supplement the baseline security controls. Then the organization should analyze the requirements by performing functional security testing. The assessment enables the organization to see the risk and assets resulting in the functioning of the operating system.
The implementation phase configures the systems security features and tests the functionality of the features the system has. It also installs and implements the system in order to obtain a formal authorization to operate the system. The designers review and test the systems to be sure that they are placed in the right place and are operating correctly. If the controls of the operating system are added to the application then the support team will step in.
Another phase in this process is the operations phase. When in the operations phase, the systems and/or the products are in place and are functioning correctly. If in need of adjustment then the software components are added to help modify them. The company should always monitor the performance of the system to make sure that it lines up and is consistent with that already established user and requirements. Those again are the requirements set by the security. A huge part in this phase is the ‘Configuration Management’. The ‘CM’, for short, is to be conducted to document any proposed or actual changes in the security plan of the system. The information systems are then put in a constant state and upgraded to hardware, software and firmware.
The last phase is the Disposal phase. When in this stage the plans for the system are developed for the discarding of information, hardware, and software. These things are disposed of an in comes the new system. Most of the time there is no definite end to a system. These systems more often than not, evolve or transition to the next generation.
- Lunn, Ken. Software Development with UML. Houndmills, Basingstoke, Hampshire: Palgrave Macmillan, 2003. Print.
- Collins, W. J. (2002). Data structures and the Java collections framework. Boston: McGraw-Hill.