Integrating Security and Usability at Requirement Specification Process

International Journal of Computer Trends and Technology (IJCTT)          
 
© 2014 by IJCTT Journal
Volume-10 Number-5
Year of Publication : 2014
Authors : Nikhat Parveen, Rizwan Beg, M. H. Khan
DOI :  10.14445/22312803/IJCTT-V10P142

MLA

Nikhat Parveen, Rizwan Beg, M. H. Khan. "Integrating Security and Usability at Requirement Specification Process". International Journal of Computer Trends and Technology (IJCTT) V10(5):236-240 Apr 2014. ISSN:2231-2803. www.ijcttjournal.org. Published by Seventh Sense Research Group.

Abstract -
The requirements process is common knowledge in most software development organizations. Security requirements, however, are rarely supported in the development process. Over the years, researchers and developers have applied many methodologies and techniques to secure the software development life cycle. This paper presents a critical review for the development of secure software, in which security and its usability are integrated at the requirement specification process.

Keywords
Software security, security requirement, usability requirement, risk analysis.