Abstract

Security breaches are largely caused by vulnerable software. Since individuals and organizations mostly depend on software, it is important to produce it in a secure manner. The first step towards producing secure software is gathering security requirements. This paper describes the Software Security Requirements Gathering Instrument (SSRGI), which helps gather security requirements from the various stakeholders. It guides developers to gather security requirements along with the functional requirements and to incorporate security during the other phases of software development. We subsequently present case studies that describe the integration of the SSRGI with the Software Requirements Specification (SRS) document as specified in the standard IEEE 830-1998. The proposed SSRGI will support software developers in gathering security requirements in detail during the requirements gathering phase.

Highlights

  • Requirements define necessary and desired capabilities of the proposed system

  • We presented the Security Requirements Gathering Instrument (SSRGI), which provides a general approach to incorporating security during the requirements gathering phase of the software development process

  • It focuses on the different types of security requirements that can be gathered from different roles


Summary

INTRODUCTION

Requirements define necessary and desired capabilities of the proposed system. Requirements gathering is the first step towards the development of software. Common requirements are business rules, budgets, interfaces, reports, security, hardware, software, etc. These requirements are defined by the stakeholders. It is stated that Common Criteria (CC) allows for the development of security requirements and is being used on the architectural level of the security requirements. This made the usage of CC more beneficial [9]. We propose a Software Security Requirements Gathering Instrument (SSRGI), which can be used to gather the security requirements.

IEEE STANDARD 830-1998
Security Policy
Security Needs and Objectives
Security Requirements
CASE STUDY
RESULTS AND CONCLUSION
