{"title":"Extending V-model practices to support SRE to build secure web application","authors":"Ala A. Abdulrazeg, N. Norwawi, N. Basir","doi":"10.1109/ICACSIS.2014.7065838","DOIUrl":null,"url":null,"abstract":"Technological advancements and rapid growth in the use of the Internet by the society have had a huge impact on information security. It has triggered the need for a major shift in the way web applications are developed. The high level security of these applications is crucial to their success. Therefore, information security has become a core requirement for producing trustworthy software driven by the need to guard critical assets. To develop a web application with adequate security features, it is highly recommended to capture security requirements early in the development lifecycle. In this paper, we propose a way of extending the V-Model requirements engineering phase to aid developers to engineer security requirements for a web application being developed, as well as, handling the security test planning. The aim is to support the proactive definition of security requirements by integrating security requirements engineering (SRE) activities with requirements engineering (RE) activities of the V-model.","PeriodicalId":443250,"journal":{"name":"2014 International Conference on Advanced Computer Science and Information System","volume":"18 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 International Conference on Advanced Computer Science and Information System","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICACSIS.2014.7065838","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
Technological advancements and rapid growth in the use of the Internet by the society have had a huge impact on information security. It has triggered the need for a major shift in the way web applications are developed. The high level security of these applications is crucial to their success. Therefore, information security has become a core requirement for producing trustworthy software driven by the need to guard critical assets. To develop a web application with adequate security features, it is highly recommended to capture security requirements early in the development lifecycle. In this paper, we propose a way of extending the V-Model requirements engineering phase to aid developers to engineer security requirements for a web application being developed, as well as, handling the security test planning. The aim is to support the proactive definition of security requirements by integrating security requirements engineering (SRE) activities with requirements engineering (RE) activities of the V-model.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
