{"title":"Measuring security requirements for software security","authors":"Shareeful Islam, P. Falcarin","doi":"10.1109/CIS.2011.6169137","DOIUrl":null,"url":null,"abstract":"For the last decade's software security has gained attention by industries, experts and all other communities. Secure software is about mitigating risks from assets to achieve business goals. Security is highly depending on the context where software is deployed. But measuring software security even within a specific context is still not mature. This is because properties and metrics for measuring security are not properly defined and methods are lacking to provide a complete picture for measuring software security. Here we identify security requirements through asset based risk management process to describe soft ware security goal. Then based on the Goal-Question-Metric approach the identified security requirements are evaluated for measuring software security.","PeriodicalId":286889,"journal":{"name":"2011 IEEE 10th International Conference on Cybernetic Intelligent Systems (CIS)","volume":"73 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"22","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 IEEE 10th International Conference on Cybernetic Intelligent Systems (CIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CIS.2011.6169137","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 22
Abstract
For the last decade's software security has gained attention by industries, experts and all other communities. Secure software is about mitigating risks from assets to achieve business goals. Security is highly depending on the context where software is deployed. But measuring software security even within a specific context is still not mature. This is because properties and metrics for measuring security are not properly defined and methods are lacking to provide a complete picture for measuring software security. Here we identify security requirements through asset based risk management process to describe soft ware security goal. Then based on the Goal-Question-Metric approach the identified security requirements are evaluated for measuring software security.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
