Research on security requirements engineering: problems and prospects

Arpita Banerjee, Megha Sharma, C. Banerjee, Santosh K Pandey

Abstract

Due to constant pressure on software development team for development of workable software at a fast pace, the focus of the development team has always been on the functional requirements. As such, the identification and implementation of nonfunctional requirements, especially, security which otherwise is considered as a time consuming and quality providing process has always been neglected. But as per the available statistics, security has played a vital role in the success and failure of software systems. The nonfunctional requirement not only introduces characteristics like quality, they also present constraints under which the system must operate. This process maximizes the success of the software system. As per the recent trend, software security is gaining attention from the industries, experts and research communities. The aim of development of secure software is that it attempts to mitigate risks from assets so that the business goals could be achieved. Measuring security of software is still in its infancy and the properties and metrics for measuring security needs to be properly defined. Further, methods need to be made comprehensive for accurate and complete measurement of security properties of software. This research paper reviews the existing work done in the field of security requirements engineering. In addition, it identifies the future research work which could be carried out for betterment of security incorporation in the software development process.



Full Text Pdf