American Journal of Software Engineering and Applications
Volume 4, Issue 5, October 2015, Pages: 86-91
Received: Sep. 4, 2015;
Accepted: Sep. 16, 2015;
Published: Sep. 26, 2015
Views 3704 Downloads 103
Nikhat Parveen, Department of Computer Application, Integral University, Lucknow, India
Mohammad Rizwan Beg, Department of Computer Application, Integral University, Lucknow, India
M. H. Khan, Department of Computer Engineering, Institute of Engineering and Technology, Lucknow, India
A number of security mechanisms are available to protect data such as digital signature, audits log, encryption, refining etc. however they completely not able to stop malevolent attacks. Hackers and attackers continuously try to exploit security which can be easily pushed through loopholes that are available at users end. The core reasons for such problem are mainly generated by terrible software requirements which are implemented without proper analysis of risks and threats. In order to reduce vulnerabilities security requirements standards, policies are tightly bound and used right from the beginning of software development. The major purpose of security standards and policy is to ensure that the data is always available at random in order to support security requirements against identified risks. The focus on this paper is to propose a model to quantify availability (MQAR) by using multiple regression technique at requirement phase. To rationalize the model statistical data is used to validate assess availability at requirement level and the significance of this study concludes that the calculated data is highly acceptable.
Mohammad Rizwan Beg,
M. H. Khan,
Model to Quantify Availability at Requirement Phase of Secure Software, American Journal of Software Engineering and Applications.
Vol. 4, No. 5,
2015, pp. 86-91.
Pfleeger, Shari Lawrence, and Robert K. Cunningham. "Why Measuring Security Is Hard." copublished by the IEEE computer and reliability societies. (2010): 46-54.
Wayne Jansen, “Directions in Security Metrics Research”, National Institute of standards and technology, NISTR 7564, March 2009.
M. Grottke, H. Sun, R. Fricks, and K. Trivedi, “Ten fallacies of availability and reliability analysis,” in Service Availability, ser. Lecture Notes in Computer Science, T. Nanya, F. Maruyama, A. Pataricza, and M. Malek, Eds. Springer Berlin Heidelberg, 2008, vol. 5017, PP. 187– 206.
Antti Evesti, Eila Niemela, Katia Henttonen and MakoPalviainen, “A Tool Chain for Quality-driven Software Architecting”, 2008, IEEE International Software Product LineConference.
I. Flechais, M. Sasse and S M V Hailes, “Bringing Security Home: A Process for developing secure and usable systems”, NSPW’03, ACM, August 2003, pp: 18-21.
B. B. Madan, K. G. Popstojanova, K. Vaidyanation and K. S. Trivedi, “A Method for Modeling and Quantifying the Security Attributes of Intrusion Tolerant System”, An International Journal of Performance Evaluation, 56, 2004, Elsevier. 167-186.
Nikhat, Parveen, Md. Rizwan Beg, et al. "Software Security Issues: Requirement Perspectives." International Journal of Scientific & Engineering Research ISSN 2229-5518. Volume- 5.Issue-7, July 2014, pages: 11-15.
G. H. Walton, T. A. Longstaff, R. C. Linder, Computational Evaluation of Software Security Attributes, IEEE, 1997.
Parveen, Nikhat, Md. Rizwan Beg, and M. H Khan. "Bridging the Gap between Requirement and Security through Secure Requirement Specification Checklist." International Journal of Advanced Computational Engineering and Networking(IJACEN), ISSN: 2320-2106, Volume-3, Issue-2, Feb.-2015.
Iqbal, Shahid, and M. Naeem Ahmed Khan. "Yet another Set of Requirement Metrics for Software Projects."International Journal of Software Engineering and Its Applications. 6.1 (2012): 19-28.
Bokhari, Mohammad Ubaidullah, and Shams Tabrez Ubaidullah Siddiqui. "Metrics for Requirements Engineering and Automated Requirements Tools."Proceedings of the 5th National Conference; INDIACom-2011.
Ali, Mohammed Javeed. "Metrics for Requirements Engineering." (2006): .
C. Wang and Wulf, “A Framework for Security Measurement,” in Proc. National Information Systems Security Conference, pp: 522-533, 7-10 Oct. 1997.
S. Chandra, R. A. Khan, “Implementing Availability State Transition Model to Quantify Risk Factor”, Advances in Computer Science, Engineering &Application, AISC, Springer, 2012 -, Pages: 937-952.