American Journal of Applied Sciences | |
Secured Requirement Specification Framework (SRSF) | Science Publications | |
K. Mustafa1  R. A. Khan1  | |
关键词: Software security; security requirement; risk analysis; use cases; abuse cases; secure software development life cycle; | |
DOI : 10.3844/ajassp.2008.1622.1629 | |
学科分类:自然科学(综合) | |
来源: Science Publications | |
【 摘 要 】
Generally, software engineers are poorly trained to elicit, analyze and specify security requirements, often confusing them with the architectural security mechanisms that are traditionally used to fulfill them. One of the most ignored parts of a security-enhanced software development lifecycle is the security requirements engineering process. Security should begin at the requirements level and must cover both overt functional security and emergent characteristics. A critical review of literature on the attempts in this regard reveals that there is no standard framework or model available for delivering secured software requirement specification. This study presents a framework for the security requirement specification called Secured Requirement Specification Framework (SRSF), which is prescriptive in nature.
【 授权许可】
Unknown
【 预 览 】
Files | Size | Format | View |
---|---|---|---|
RO201911300029336ZK.pdf | 188KB | download |