Browse By Repository:

 
 
 
   

A New Consistency Validation Approach To Enhance The Quality Of Functional Security Requirements For Secure Software

Mohtar, Syahida and Kamalrudin, Massila and Mustafa, Nuridawati and Sa'aya, Zurina and Abal Abas, Zuraida and Md Sanusi, Nurazlina (2018) A New Consistency Validation Approach To Enhance The Quality Of Functional Security Requirements For Secure Software. Project Report. Universiti Teknikal Malaysia Melaka, Melaka, Malaysia. (Submitted)

[img] Text (24 Pages)
A New Consistency Validation Approach To Enhance The Quality Of Functional Security Requirements For Secure Software.pdf - Submitted Version
Restricted to Registered users only
Download (895kB)

Abstract

Quality security requirements contribute to the success of secure software development.However,the process of eliciting security requirements is tedious and complex. It also requires requirements engineers to have security experience in the process of eliciting consistent security requirements from the clients-stakeholders.Most of the requirements engineers faced problems in eliciting consistent security compliance requirements from the clients-stakeholders as they misunderstood the real needs and the security term used.Thus,this resulted to inconsistent security requirements being elicited.The inconsistency leads to incorrect and insecure software systems being developed as well as to disruptions of schedule and increase of a project's expenditure. Motivated from these problems,this study aimed to propose a new approach for consistency validation of functional security requirements.Here,security requirements specifications will be collected from software vendors to analyze the flow of functional security requirements process.Next,visual differencing will be integrated to cross-validate the consistency of the elicited functional security requirements with the best-practice template. Here,a security requirements best-practice template pattern library will be designed and a new mathematical formulation that defines the consistency validation rules of security requirements will also be constructed.The formulation is based on security-related semi-formalized model,called SecEssential Use Case (SecEUC).This approach is then be realized with a proof concept prototype tool and compared with the existing approaches,focusing on its ability to validate the inconsistency of the functional security requirements.Finally,this study is believed could provide a positive impact to the software industry by reducing the development cost as it allows the requirements engineers to validate the inconsistency that occur in the elicited security compliance requirements at the early stage of the secure software development.

Item Type: Final Year Project (Project Report)
Uncontrolled Keywords: Computer software -- Development,Computer software -- Validation
Subjects: Q Science > Q Science (General)
Q Science > QA Mathematics > QA76 Computer software
Divisions: Library > Long/ Short Term Research > FTMK
Depositing User: Mohd. Nazir Taib
Date Deposited: 28 Feb 2020 07:20
Last Modified: 28 Feb 2020 07:20
URI: http://digitalcollection.utem.edu.my/id/eprint/24281

Actions (login required)

View Item View Item
Download Statistics

Downloads

Downloads per month over past year
 
UNIVERSITI TEKNIKAL MALAYSIA MELAKA DIGITAL COLLECTION is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.