Abstract

Security is the major issue in web applications and it should be carefully considered in all the phases of the software development life cycle. The security requirements should be elicited and analysed in the early stages of requirements engineering. They are elicited from different sources by using security requirements engineering methods. Ontology can be used as one of the sources to specify security requirements knowledge effectively, since it is a 'formal, explicit specification of shared concepts' and is reusable. But there are no standard or only primitive security requirements ontology is available for requirements engineering phase. In this paper, we proposed and created security requirements ontology for web applications. Hence, we can reuse the security requirements knowledge and specify security requirements for developing different web applications. The reusability and effectiveness of security requirements ontology are validated using querying method.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Design of Secure and Traceable Requirement Engineering Process for Security-Sensitive Projects
Abdul Ahad ... Saba Niaz
Journal of Software Engineering and Applications | VOL. 10
Abdul Ahad, et. al.Abdul Ahad ... Saba Niaz
01 Jan 2017
Effectiveness and performance analysis of model-oriented security requirements engineering to elicit security requirements: a systematic solution for developing secure software systems
P Salini ... S Kanmani
International Journal of Information Security | VOL. 15
P Salini, et. al.P Salini ... S Kanmani
21 Nov 2015
Extending V-model practices to support SRE to build secure web application
Ala A Abdulrazeg ... Norita Md Norwawi
-
Ala A Abdulrazeg, et. al.Ala A Abdulrazeg ... Norita Md Norwawi
01 Oct 2014
Static analysis approaches to detect SQL injection and cross site scripting vulnerabilities in web applications: A survey
Mukesh Kumar Gupta ... M.C Govil
-
Mukesh Kumar Gupta, et. al.Mukesh Kumar Gupta ... M.C Govil
01 May 2014
View more papers

More From: International Journal of Internet Technology and Secured Transactions

Paper Title
Journal
Date
Author
An improved deep autoencoder-based network intrusion detection system with enhanced performance
Bidyapati Thiyam ... Shouvik Dey
International Journal of Internet Technology and Secured Transactions | VOL. 13
Bidyapati Thiyam, et. al.Bidyapati Thiyam ... Shouvik Dey
01 Jan 2024
Improving cloud security model for web applications using hybrid encryption techniques
J.E Judith ... R.S Kanakasabapathi
International Journal of Internet Technology and Secured Transactions | VOL. 13
J.E Judith, et. al.J.E Judith ... R.S Kanakasabapathi
01 Jan 2024
Improving cloud security model for web applications using hybrid encryption techniques
R.S Kanakasabapathi ... J.E Judith
International Journal of Internet Technology and Secured Transactions | VOL. 13
R.S Kanakasabapathi, et. al.R.S Kanakasabapathi ... J.E Judith
01 Jan 2024
Security of internet of vehicles in smart cities: authentication and confidentiality aspects
Roumissa Sahbi ... Salim Ghanemi
International Journal of Internet Technology and Secured Transactions | VOL. 13
Roumissa Sahbi, et. al.Roumissa Sahbi ... Salim Ghanemi
01 Jan 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.