Experimental Evaluation of Security Requirements Engineering Benefits

Abstract

Security Requirements Engineering (SRE) approaches are designed to improve information system security by considering security requirements at the beginning of the software development lifecycle. This paper presents a quantitative evaluation of the benefits of applying such an SRE approach. The methodology was to develop two versions of the same web application, with and without SRE, and then compare the level of security of each version by running different test tools. The results clearly support the benefits of the early use of SRE, with a 38% security improvement in the secure version of the application. This security benefit reaches 67% for high-severity vulnerabilities, leaving only non-critical and easy-to-fix vulnerabilities.

Authors and Affiliations

Jaouad Boutahar, Ilham Maskani, Souhaïl El Ghazi El Houssaïni

  • EP ID EP417695
  • DOI 10.14569/IJACSA.2018.091158

How To Cite

Jaouad Boutahar, Ilham Maskani, Souhaïl El Ghazi El Houssaïni (2018). Experimental Evaluation of Security Requirements Engineering Benefits. International Journal of Advanced Computer Science & Applications, 9(11), 411-415. https://europub.co.uk/articles/-A-417695