Abstract
Generally, software engineers are poorly trained to elicit, analyze and specify security requirements, often confusing them with the architectural security mechanisms that are traditionally used to fulfill them. One of the most ignored parts of a security-enhanced software development lifecycle is the security requirements engineering process. Security should begin at the requirements level and must cover both overt functional security and emergent characteristics. A critical review of literature on the attempts in this regard reveals that there is no standard framework or model available for delivering secured software requirement specification. This study presents a framework for the security requirement specification called Secured Requirement Specification Framework (SRSF), which is prescriptive in nature.
Highlights
Security is important in all aspects of life and the increasing pervasiveness and capability of information technology makes IT infrastructure security increasingly so[1]
The goals of these developed a Secure Software Development Model processes are to improve the strength of security (SSDM), which integrates security engineering with mechanisms and reduce the likelihood of security flaws software engineering so as to ensure effective in products
Review of already developed or underdevelopment requirement specification may be guided by the framework and this framework may form the basis for the development of better-refined roadmap
Summary
Security is important in all aspects of life and the increasing pervasiveness and capability of information technology makes IT infrastructure security increasingly so[1]. Simon Adesina Sodiya, a includes a comprehensive set of security assurance researcher at the Nigerian University of Agriculture mechanisms and processes The goals of these developed a Secure Software Development Model processes are to improve the strength of security (SSDM), which integrates security engineering with mechanisms and reduce the likelihood of security flaws software engineering so as to ensure effective in products. The major objective of the RUPSec is to define a software process model in which security requirements are considered in all development phases of a computer-based system: program. If other documentation such as user manuals and architectural documentation exists, it is advisable to review that material as well This phase comprises of the sub activities including identification of security requirements, ensuring developers security awareness, identification of global security policy, conducting risk analysis of requirement. Review of already developed or underdevelopment requirement specification may be guided by the framework and this framework may form the basis for the development of better-refined roadmap
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
