Performance Analysis of Security Requirements Engineering Framework by Measuring the Vulnerabilities

IAJIT
Archive
- Volume 20, 2023
  
  January 2023, No.1
  
  March 2023, No.2
- Volume 19, 2022
  
  January 2022, No.1
  
  March 2022, No.2
  
  May 2022, No. 3
  
  Special Issue 2022, No. 3A
  
  July 2022, No. 4
  
  September 2022, No. 5
  
  November 2022, No. 6
- Volume 18, 2021
  
  January 2021, No.1
  
  March 2021, No.2
  
  May 2021, No. 3
  
  Special Issue 2021, No. 3A
  
  July 2021, No. 4
  
  September 2021, No. 5
  
  November 2021, No. 6
- Volume 17, 2020
  
  January 2020, No.1
  
  March 2020, No. 2
  
  May 2020, No. 3
  
  July 2020, No. 4
  
  Special Issue 2020, No. 4A
  
  September 2020, No. 5
  
  November 2020, No. 6
- Volume 16, 2019
  
  January 2019, No.1
  
  March 2019, No. 2
  
  May 2019, No. 3
  
  Special Issue 2019, No. 3A
  
  July 2019, No. 4
  
  September 2019, No. 5
  
  November 2019, No. 6
- Volume 15, 2018
  
  January 2018, No.1
  
  March 2018, No. 2
  
  May 2018, No. 3
  
  Special Issue 2018, No. 3A
  
  July 2018, No. 4
  
  September 2018, No. 5
  
  November 2018, No. 6
- Volume 14, 2017
  
  January 2017, No.1
  
  March 2017, No. 2
  
  May 2017, No. 3
  
  July 2017, No. 4
  
  pecial Issue 2017, No. 4A
  
  September 2017, No 5
  
  November 2017, No. 6
- Volume 13, 2016
  
  January 2016. No.1
  
  March 2016, No. 2
  
  May 2016, No. 3
  
  July 2016, No.4
  
  September 2016, No.5
  
  November 2016, No.6
- Volume 12, 2015
  
  January 2015. No.1
  
  March 2015. No.2
  
  May 2015. No.3
  
  July 2015. No.4
  
  September 2015. No. 5
  
  November 2015. No. 6
  
  December 2015. No. 6A
- Volume 11, 2014
  
  January 2014, No.1
  
  March 2014, No.2
  
  May 2014, No.3
  
  July 2014, No.4
  
  November 2014, No.6
- Volume 10, 2013
  
  January 2013, No. 1
  
  March 2013, No.2
  
  May 2013, No. 3
  
  July 2013, No. 4
  
  November 2013, No. 6
- Volume 9, 2012
  
  January 2012, No. 1
  
  March 2012, No. 2
  
  May 2012, No. 3
  
  July 2012, No. 4
  
  September 2012, No. 5
  
  November 2012, No. 6
- Volume 8, 2011
  
  January 2011, No 1
  
  April 2011, No. 2
  
  July 2011, No. 3
  
  October 2011, No.4
- Volume 7, 2010
  
  October 2010, No. 4
  
  July 2010, No. 3
  
  April 2010, No. 2
  
  January 2010, No. 1
- Volume 6, 2009
  
  January 2009, No. 1
  
  April 2009, No. 2
  
  July 2009, No. 3
  
  October 2009, No. 4
  
  November 2009, No. 5
- Volume 5, 2008
  
  January 2008, No. 1
  
  April 2008, No.2
  
  July 2008, No. 3
  
  October 2008, No. 4
- Volume 4, 2007
  
  January 2007, No. 1
  
  April 2007, No. 2
  
  July 2007, No.3
  
  October 2007, No. 4
- Volume 3, 2006
  
  January 2006, No. 1
  
  April 2006, No. 2
  
  July 2006, No. 3
  
  October 2006, No. 4
- Volume 2, 2005
  
  January 2005, No. 1
  
  April 2005, No. 2
  
  July 2005, No. 3
  
  October 2005, No. 4
- Volume 1, 2003-2004
  
  July 2004, No. 2
  
  January 2004, No. 1
  
  July 2003, No. 0
About IAJIT
About CCIS
IAJIT Impact Factor

Performance Analysis of Security Requirements Engineering Framework by Measuring the Vulnerabilities

Written by Super User
Update: 24/04/2018

font size decrease font size increase font size
Print
Email
Rate this item
- 1
- 2
- 3
- 4
- 5
(0 votes)

Performance Analysis of Security Requirements

Engineering Framework by Measuring the Vulnerabilities

Salini Prabhakaran¹ and Kanmani Selvadurai²

¹Department of Computer Science and Engineering, Pondicherry Engineering College, India

²Department of Information Technology, Pondicherry Engineering College, India

Abstract: To develop security critical web applications, specifying security requirements is important, since 75% to 80% of all attacks happen at the web application layer. We adopted security requirements engineering methods to identify security requirements at the early stages of software development life cycle so as to minimize vulnerabilities at the later phases. In this paper, we present the evaluation of Model Oriented Security Requirements Engineering (MOSRE) framework and Security Requirements Engineering Framework (SREF) by implementing the identified security requirements of a web application through each framework while developing respective web application. We also developed a web application without using any of the security requirements engineering method in order to prove the importance of security requirements engineering phase in software development life cycle. The developed web applications were scanned for vulnerabilities using the web application scanning tool. The evaluation was done in two phases of software development life cycle: requirements engineering and testing. From the results, we observed that the number of vulnerabilities detected in the web application developed by adopting MOSRE framework is less, when compared to the web applications developed adopting SREF and without using any security requirements engineering method. Thus, this study led the requirements engineers to use MOSRE framework to elicit security requirements efficiently and also trace security requirements from requirements engineering phase to later phases of software development life cycle for developing secure web applications.

Keywords: Requirements engineering, security mechanism, security requirements, security requirements engineering, web applications and vulnerabilities.

Received December 15, 2014; accepted April 5, 2015

Full text

Read 1987 times Last modified on Thursday, 17 May 2018 05:46

Published in May 2018, No. 3 ( May 2018, No. 3 )

Share

Super User

Latest from Super User

More in this category: « Advanced Architecture for Java Universal Message Passing (AA-JUMP) Hybrid Metaheuristic Algorithm for Real Time Task Assignment Problem in Heterogeneous Multiprocessor »