Title :
Measuring security requirements for software security
Author :
Islam, Shareeful ; Falcarin, Paolo
Author_Institution :
Sch. of Comput., IT & Eng., Univ. of East London, London, UK
Abstract :
For the last decade´s software security has gained attention by industries, experts and all other communities. Secure software is about mitigating risks from assets to achieve business goals. Security is highly depending on the context where software is deployed. But measuring software security even within a specific context is still not mature. This is because properties and metrics for measuring security are not properly defined and methods are lacking to provide a complete picture for measuring software security. Here we identify security requirements through asset based risk management process to describe soft ware security goal. Then based on the Goal-Question-Metric approach the identified security requirements are evaluated for measuring software security.
Keywords :
business data processing; formal specification; risk management; security of data; software metrics; asset based risk management; business goal; goal-question-metric approach; risk mitigation; secure software; security metrics; security requirement; software security goal; software security measurement; Authentication; Authorization; Availability; Software; Software measurement; Security metrics; security goal; security requirements; software security;
Conference_Titel :
Cybernetic Intelligent Systems (CIS), 2011 IEEE 10th International Conference on
Conference_Location :
London
Print_ISBN :
978-1-4673-0687-4
DOI :
10.1109/CIS.2011.6169137
