Security Requirements Elicitation and Assessment Mechanism (SecREAM)

被引:0
|
作者
Goel, Rajat [1 ]
Govil, M. C. [1 ]
Singh, Girdhari [1 ]
机构
[1] Malaviya Natl Inst Technol, Dept Comp Sci & Engn, Jaipur, Rajasthan, India
来源
2015 INTERNATIONAL CONFERENCE ON ADVANCES IN COMPUTING, COMMUNICATIONS AND INFORMATICS (ICACCI) | 2015年
关键词
SecREAM; software development life cycle; requirement elicitation; assessment mechanism; SaaS;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Today, when most of the software are web-based or cloud-based having a variety of stakeholders with intertwined requirements, developing secure software is a complex issue. Usually, security is neglected during the development process. Now, the researchers emphasize on inclusion of security in development process, especially during the early phases. This paper suggests Security Requirements Elicitation and Assessment Mechanism (SecREAM), a novel methodology to imbibe security right from the inception of the software. It is applicable to both kinds of software-on premise and on cloud. The crux of the methodology lies in actively involving all kinds of stakeholders and ranking of the required assets on the basis of certain parameters that will facilitate a well - understood design and help in making better technical and non-technical decisions later during the course of development.
引用
收藏
页码:1862 / 1866
页数:5
相关论文
共 50 条
  • [31] User Requirements Elicitation in Security and Counter-Terrorism: A Human Factors Approach
    Saikayasit, Rose
    Stedmon, Alex W.
    Lawson, Glyn
    JOURNAL OF POLICE AND CRIMINAL PSYCHOLOGY, 2013, 28 (02) : 162 - 170
  • [32] A Threat Analysis Methodology for Security Requirements Elicitation in Machine Learning Based Systems
    Wilhjelm, Carl
    Younis, Awad A.
    COMPANION OF THE 2020 IEEE 20TH INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY, AND SECURITY (QRS-C 2020), 2020, : 426 - 433
  • [33] CyberRank-Knowledge Elicitation for Risk Assessment of Database Security
    Grushka-Cohen, Hagit
    Sofer, Oded
    Biller, Ofer
    Shapira, Bracha
    Rokach, Lior
    CIKM'16: PROCEEDINGS OF THE 2016 ACM CONFERENCE ON INFORMATION AND KNOWLEDGE MANAGEMENT, 2016, : 2009 - 2012
  • [34] Security and Privacy Requirements for Cloud Computing in Healthcare: Elicitation and Prioritization from a Patient Perspective
    Ermakova, Tatiana
    Fabian, Benjamin
    Kornacka, Marta
    Thiebes, Scott
    Sunyaev, Ali
    ACM TRANSACTIONS ON MANAGEMENT INFORMATION SYSTEMS, 2020, 11 (02)
  • [35] System evolution through semi-automatic elicitation of security requirements: A Position Paper
    Vargas, Cyntia
    Buerger, Jens
    Viertel, Fabien
    Vogel-Heuser, Birgit
    Juerjens, Jan
    IFAC PAPERSONLINE, 2018, 51 (10): : 64 - 69
  • [36] New trends and requirements for dynamic security assessment
    Meyer, B
    Nativel, G
    CONTROL OF POWER SYSTEMS AND POWER PLANTS 1997 (CPSPP'97), 1998, : 557 - 562
  • [37] Assessment of Risk Perception in Security Requirements Composition
    Hibshi, Hanan
    Breaux, Travis D.
    Broomell, Stephen B.
    2015 IEEE 23RD INTERNATIONAL REQUIREMENTS ENGINEERING CONFERENCE (RE), 2015, : 146 - 155
  • [38] New trends and requirements for dynamic security assessment
    Meyer, B
    Nativel, C
    CONTROL ENGINEERING PRACTICE, 1999, 7 (03) : 375 - 380
  • [39] An Assessment of Security Requirements Compliance of Cloud Providers
    Bhensook, Nuntapun
    Senivongse, Twittie
    2012 IEEE 4TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING TECHNOLOGY AND SCIENCE (CLOUDCOM), 2012,
  • [40] Managing Ethical Requirements Elicitation
    Siakas, Errikos
    Rahanu, Harjinder
    Loveday, Joanna
    Georgiadou, Elli
    Siakas, Kerstin
    Ross, Margaret
    SYSTEMS, SOFTWARE AND SERVICES PROCESS IMPROVEMENT, EUROSPI 2023, PT I, 2023, 1890 : 258 - 272
12345