2.3. The Systems Development Life Cycle (SDLC): Security as a Process from Beginning to End

The SDLC is a method used by system developers and programmers to formalize the implementation of any system-based process—from the initial project definition to the phasing out or replacement of the system. The exact number of steps in the process can vary, but for our purposes we'll use five major phases broken into sublayers:

  1. Initiation

    • Conceptual Definition

    • Functional Requirement Determination

    • Protection Specifications Development

    • Design Review

  2. Development and Acquisition

    • Component and Code Review

    • System Test Review

    • Certification

  3. Implementation

  4. Operation and Maintenance

  5. Disposal

Initiation is defined as the beginning of the security process. Ideally, of course, ...

Get Mastering™ Network Security, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.