A Systematic Security Approach in Software Requirements Engineering

  IJPTT-book-cover
 
International Journal of P2P Network Trends and Technology (IJPTT)          
 
© 2013 by IJPTT Journal
Volume-3 Issue-3                           
Year of Publication : 2013
Authors : P.Mahizharuvi, Dr.K.Alagarsamy

Citation

P.Mahizharuvi, Dr.K.Alagarsamy."A Systematic Security Approach in Software Requirements Engineering". International Journal of P2P Network Trends and Technology (IJPTT), V3(5):42 - 45  May - Jun 2013, ISSN:2249-2615, www.ijpttjournal.org. Published by Seventh Sense Research Group.

Abstract

Many software organizations today are confronted with challenge of building secure software systems. Traditional software engineering principles place little emphasis on security. These principles tend to tread security as one of a long list of quality factors that are expected from all professionally developed software. As software systems of today have a wide reach, security has become a more important factor than ever in the history of software engineering can no longer be treated as Separate Island. There is an imperative necessity to incorporative security into software engineering. Incorporating security into software engineering necessitates modification of existing software engineering principles, as these have to be tailored to take into account the security aspect. All phases of software engineering are likely to be impacted Requirement engineering has always occupied a primal position in software engineering. ”If you get the requirement correct, you are very close to getting the software correct”, has been an accepted fact. Many principles and techniques have been proposed for efficient requirement gathering and these have been validated and applied in practice. Incorporation of security into requirements engineering present several challenges and opportunities for researches. Security requirements posses certain unique characteristics that prevent them from being treated par with other normal functional requirement .for instance the customer may not be aware of the security aspect and may think that the software system developed is what he needs even though it is not secure. The lack of security in the developed system is not as apparent as failures related to performance and reliability. The proposed research aim at the establishment of sound principles and technique for security requirements engineering. The research is expected to be of great help to organization in their endeavor of building secure software system. The research will try to address the challenge in several ways which may include but not restricted to modification and enhancement of existing requirements engineering principles and models and creation of new ones.

References

[1]. Measuring The Software Security Requirements Engineering Process, 2012
[2]. An Effective Requirement Engineering Process Model for Software Development and Requirements Management,2010
[3]. Security Requirements Engineering: A Framework for Representation and Analysis, 2008
[4]. A common criteria based security requirements engineering process for the development of secure information systems,2009
[5]. Security Requirements Engineering; State of the Art and Research Challenges, 2008
[6]. Research Directions in Requirements Engineering, 2009
[7]. Security and Privacy Requirements Analysis within a Social Setting, 2007
[8]. Cutting Edge Practices for Secure Software Engineering,2007
[9]. A Survey on Security Patterns,2008
[10]. Software Security - The Bigger Picture,2008

Keywords

-