International Journal of Computer Trends and Technology

Research Article | Open Access

Volume 10 | Number 2 | Year 2014 | Article Id. IJCTT-V10P142 | DOI: https://doi.org/10.14445/22312803/IJCTT-V10P142

Integrating Security and Usability at Requirement Specification Process


Nikhat Parveen, Rizwan Beg, M. H. Khan

Citation:

Nikhat Parveen, Rizwan Beg, M. H. Khan, "Integrating Security and Usability at Requirement Specification Process," International Journal of Computer Trends and Technology (IJCTT), vol. 10, no. 2, pp. 236-240, 2014. Crossref, https://doi.org/10.14445/22312803/IJCTT-V10P142

Abstract

The requirements process is common knowledge in most software development organizations, yet security requirements are rarely supported during development. Over the years, researchers and developers have worked through many methodologies and techniques for securing the software development life cycle. Based on a critical review of the development of secure software, security and its usability are integrated at the requirement specification process.

Keywords

Software security, security requirement, usability requirement, risk analysis.
