Security Requirements Elicitation and Assessment Mechanism (SecREAM)

Today, when most of the software are web-based or cloud-based having a variety of stakeholders with intertwined requirements, developing secure software is a complex issue. Usually, security is neglected during the development process. Now, the researchers emphasize on inclusion of security in development process, especially during the early phases. This paper suggests Security Requirements Elicitation and Assessment Mechanism (SecREAM), a novel methodology to imbibe security right from the inception of the software. It is applicable to both kinds of software-on premise and on cloud. The crux of the methodology lies in actively involving all kinds of stakeholders and ranking of the required assets on the basis of certain parameters that will facilitate a well - understood design and help in making better technical and non-technical decisions later during the course of development.