Security Requirements Elicitation and Assessment Mechanism (SecREAM)

被引:0
|
作者
Goel, Rajat [1 ]
Govil, M. C. [1 ]
Singh, Girdhari [1 ]
机构
[1] Malaviya Natl Inst Technol, Dept Comp Sci & Engn, Jaipur, Rajasthan, India
来源
2015 INTERNATIONAL CONFERENCE ON ADVANCES IN COMPUTING, COMMUNICATIONS AND INFORMATICS (ICACCI) | 2015年
关键词
SecREAM; software development life cycle; requirement elicitation; assessment mechanism; SaaS;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Today, when most of the software are web-based or cloud-based having a variety of stakeholders with intertwined requirements, developing secure software is a complex issue. Usually, security is neglected during the development process. Now, the researchers emphasize on inclusion of security in development process, especially during the early phases. This paper suggests Security Requirements Elicitation and Assessment Mechanism (SecREAM), a novel methodology to imbibe security right from the inception of the software. It is applicable to both kinds of software-on premise and on cloud. The crux of the methodology lies in actively involving all kinds of stakeholders and ranking of the required assets on the basis of certain parameters that will facilitate a well - understood design and help in making better technical and non-technical decisions later during the course of development.
引用
收藏
页码:1862 / 1866
页数:5
相关论文
共 50 条
  • [11] Security Requirements Elicitation from Airline Turnaround Processes
    Raimundas Matulevičius
    Alex Norta
    Silver Samarütel
    Business & Information Systems Engineering, 2018, 60 : 3 - 20
  • [12] Managing Sessions of Creative Requirements Elicitation and Assessment
    Pinto, Rafael
    Silva, Lyrene
    Valentim, Ricardo
    PROCEEDINGS OF THE 35TH ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING (SAC'20), 2020, : 1355 - 1362
  • [13] Security requirements elicitation via weaving scenarios based on security evaluation criteria
    Itoga, Hiroya
    Ohnishi, Atsushi
    USIC 2007: PROCEEDINGS OF THE SEVENTH INTERNATIONAL CONFERENCE ON QUALITY SOFTWARE, 2007, : 70 - 79
  • [14] Problem-based Elicitation of Security Requirements The ProCOR Method
    Wirtz, Roman
    Heisel, Maritta
    Meis, Rene
    Omerovic, Aida
    Stolen, Ketil
    PROCEEDINGS OF THE 13TH INTERNATIONAL CONFERENCE ON EVALUATION OF NOVEL APPROACHES TO SOFTWARE ENGINEERING, 2018, : 26 - 38
  • [15] Argumentation-Based Security Requirements Elicitation: The Next Round
    Ionita, Dan
    Bullee, Jan-Willem
    Wieringa, Roel J.
    2014 IEEE 1ST WORKSHOP ON EVOLVING SECURITY AND PRIVACY REQUIREMENTS ENGINEERING (ESPRE), 2014, : 7 - 12
  • [16] A Systemic Approach for Natural Language Scenario Elicitation of Security Requirements
    Hibshi, Hanan
    Jones, Stephanie T.
    Breaux, Travis D.
    IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2022, 19 (06) : 3579 - 3591
  • [17] An Ontology Based Collaborative Recommender System for Security Requirements Elicitation
    Williams, Imano
    2018 IEEE 26TH INTERNATIONAL REQUIREMENTS ENGINEERING CONFERENCE (RE 2018), 2018, : 448 - 453
  • [18] Security Requirements Elicitation Using Method Weaving and Common Criteria
    Saeki, Motoshi
    Kaiya, Haruhiko
    MODELS IN SOFTWARE ENGINEERING, 2009, 5421 : 185 - +
  • [19] Problem-Based Security Requirements Elicitation and Refinement with PresSuRE
    Fassbender, Stephan
    Heisel, Maritta
    Meis, Rene
    SOFTWARE TECHNOLOGIES, ICSOFT 2014, 2015, 555 : 311 - 330
  • [20] SREM: A service requirements elicitation mechanism based on ontology
    Xiang, Jian
    Liu, Lin
    Qiao, Wei
    Yang, Jingwei
    COMPSAC 2007: THE THIRTY-FIRST ANNUAL INTERNATIONAL COMPUTER SOFTWARE AND APPLICATIONS CONFERENCE, VOL I, PROCEEDINGS, 2007, : 196 - +
12345