Software Security Requirements Gathering Instrument

被引:0
|
作者
Jain, Smriti [1 ]
Ingle, Maya [2 ]
机构
[1] SRGPGPI, MCA Dept, Indore, India
[2] Indore Inst Comp Applicat, Indore, India
来源
INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS | 2011年 / 2卷 / 07期
关键词
Software Requirements Specification; Security Policy; Security Objectives; Security Requirements;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Security breaches are largely caused by the vulnerable software. Since individuals and organizations mostly depend on softwares, it is important to produce in secured manner. The first step towards producing secured software is through gathering security requirements. This paper describes Software Security Requirements Gathering Instrument (SSRGI) that helps gather security requirements from the various stakeholders. This will guide the developers to gather security requirements along with the functional requirements and further incorporate security during other phases of software development. We subsequently present case studies that describe the integration of the SSRGI instrument with Software Requirements Specification (SRS) document as specified in standard IEEE 830-1998. Proposed SSRGI will support the software developers in gathering security requirements in detail during requirements gathering phase.
引用
收藏
页码:116 / 121
页数:6
相关论文
共 50 条
  • [1] An Exploratory Study Gathering Security Requirements for the Software Development Process
    Andrade, Roberto
    Torres, Jenny
    Ortiz-Garces, Ivan
    Mino, Jorge
    Almeida, Luis
    [J]. ELECTRONICS, 2023, 12 (17)
  • [2] Collaborative Practices for Software Requirements Gathering in Software Startups
    Chanin, Rafael
    Pompermaier, Leandro
    Sales, Afonso
    Prikladnicki, Rafael
    [J]. 2019 IEEE/ACM 12TH INTERNATIONAL WORKSHOP ON COOPERATIVE AND HUMAN ASPECTS OF SOFTWARE ENGINEERING (CHASE 2019), 2019, : 31 - 32
  • [3] Gathering Requirements for Software Configuration from the Crowd
    Munante, Denisse
    Siena, Alberto
    Kifetew, Fitsum Meshesha
    Susi, Angelo
    Stade, Melanie
    Seyff, Norbert
    [J]. 2017 IEEE 25TH INTERNATIONAL REQUIREMENTS ENGINEERING CONFERENCE WORKSHOPS (REW), 2017, : 176 - 181
  • [4] Challenges in Requirements Gathering for Agile Software Development
    Simhadri, Ramyasri
    Shameem, Mohammad
    [J]. 27TH INTERNATIONAL CONFERENCE ON EVALUATION AND ASSESSMENT IN SOFTWARE ENGINEERING, EASE 2023, 2023, : 406 - 413
  • [5] Security requirements for software development
    Kim, TH
    Shin, MC
    Kim, SH
    Cha, JS
    [J]. KNOWLEDGE-BASED INTELLIGENT INFORMATION AND ENGINEERING SYSTEMS, PT 3, PROCEEDINGS, 2004, 3215 : 116 - 122
  • [6] Pseudo software: A mediating instrument for modeling software requirements
    Jwo, Jung-Sing
    Cheng, Yu Chin
    [J]. JOURNAL OF SYSTEMS AND SOFTWARE, 2010, 83 (04) : 599 - 608
  • [7] Development of a software security assessment instrument to reduce software security risk
    Gilliam, DP
    Kelly, JC
    Powell, JD
    Bishop, M
    [J]. PROCEEDINGS OF THE TENTH IEEE INTERNATIONAL WORKSHOPS ON ENABLING TECHNOLOGIES: INFRASTRUCTURE FOR COLLABORATIVE ENTERPRISES, 2001, : 144 - 149
  • [8] Identifying requirements for network security software
    White, DA
    Alijani, GS
    [J]. SAM'03: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND MANAGEMENT, VOLS 1 AND 2, 2003, : 539 - 543
  • [9] Security requirements in software product lines
    Mellado, Daniel
    Fernandez-Medina, Eduardo
    Piattini, Mario
    [J]. SECRYPT 2008: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, 2008, : 442 - +
  • [10] Capturing security requirements for software systems
    El-Hadary, Hassan
    El-Kassas, Sherif
    [J]. JOURNAL OF ADVANCED RESEARCH, 2014, 5 (04) : 463 - 472
12345