+DEV-05.01B

1. Übersicht

DEV-05.01B

Design documentation for security features is based on a security analysis of the adequacy and planned effectiveness of the features. A specification of expected inputs, outputs and possible errors is included in the documentation.

Security features are typically features that control confidentiality (e.g. via integrating cryptography), integrity (e.g. via introducing check-sums or validating input data), availability (e.g. via redundancy or resiliency), authentication (e.g. via MFA or secure session management) and authorisation (e.g. via different roles). They usually follow from threat modelling and risk assessment. Ideally, security features are an integral part of the software development process and not additions made only after new software features have been created.

Bezeichnung	Standard

1.1 Referenzen

1.2 Identifizierte Anforderungen

1.2 Related Regulation

2. Identifizierte Anforderungen

Anforderungen
Source	Anforderung

3. Related Regulations

Regulations
Source	Regulierung

Cloud Computing Compliance Criteria Catalogue (C5:2026) -
Copyright by Bundesamt für Sicherheit in der Informationstechnik (https://www.bsi.bund.de/)

https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Empfehlungen-nach-Angriffszielen/Cloud-Computing/Kriterienkatalog-C5/C5_2025/C5_2025_node.html