the whole security life cycle design of information system

Posted by lipsius at 2020-04-12

First of all, I'm sorry for my poor writing. I just want to write about how to integrate safety thinking and technology into the whole life cycle of the product and reduce the safety problems of the product in an all-round way.

After working for so many years, ah, I just graduated from the school and worked as a network administrator. I have worked as a system, as a network, as a web developer. My brother has experienced too much and too much. At the end, I had to do security. Only when I had to do so, could I get away from the meeting and see how important the experience is. After I did security, I just kneaded these pieces together.

What you mentioned in daily life is web security, system security, network security and so on. These are not comprehensive in the whole product security cycle. How can we penetrate security into the whole life cycle? This is what we need. In this way, we can really protect your information system. A product is a PDCA from requirements, design, coding, testing, online, operation and maintenance Process. I don't think it's a problem for a product to be safe, at least it will be reduced a lot.

I can't write any more. I have no idea. Ha ha, I'm sorry. I'm sending a thought map of the overall security life cycle design of the system. It just reflects my understanding of the overall security of the information system. If you are interested, you can add it. I'm sorry.

This picture is not completely displayed. You can copy it and open it separately.