TY - GEN
T1 - Integrated security model for managing the security non-functional requirements at architectural design of internet-based systems
AU - Babar, Muhammad
AU - Azeem, Shahid
AU - Arif, Fahim
AU - Iqbal, Waseem
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/7/2
Y1 - 2018/7/2
N2 - Security in software systems has gained too much attention by the industries, scientific organizations, banks and other areas for the last few decades. Developing secure software needs focus on both the functional and non-functional requirements. Functional requirements are taken into account during the early stages of development while unfortunately the non-functional requirements are either ignored or less considered which results in the high cost of maintenance after delivery of the software and may compromise the security. There exist many methodologies to deal security at the very beginning of the system development at architecture level; however, there are gaps in each approach to meet the desired security of internet-based systems. The existing approaches are described for analyzing and integrating the security at architectural level. This paper presents an integrated security model to deal with the system security requirements at architectural design level internet-based systems. The proposed integrated model is validated with the help of case study of online banking system.
AB - Security in software systems has gained too much attention by the industries, scientific organizations, banks and other areas for the last few decades. Developing secure software needs focus on both the functional and non-functional requirements. Functional requirements are taken into account during the early stages of development while unfortunately the non-functional requirements are either ignored or less considered which results in the high cost of maintenance after delivery of the software and may compromise the security. There exist many methodologies to deal security at the very beginning of the system development at architecture level; however, there are gaps in each approach to meet the desired security of internet-based systems. The existing approaches are described for analyzing and integrating the security at architectural level. This paper presents an integrated security model to deal with the system security requirements at architectural design level internet-based systems. The proposed integrated model is validated with the help of case study of online banking system.
KW - Architecture
KW - Internet-based Systems
KW - NFRs
UR - http://www.scopus.com/inward/record.url?scp=85062402644&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85062402644&partnerID=8YFLogxK
U2 - 10.1109/FIT.2018.00015
DO - 10.1109/FIT.2018.00015
M3 - Conference contribution
AN - SCOPUS:85062402644
T3 - Proceedings - 2018 International Conference on Frontiers of Information Technology, FIT 2018
SP - 41
EP - 46
BT - Proceedings - 2018 International Conference on Frontiers of Information Technology, FIT 2018
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 16th International Conference on Frontiers of Information Technology, FIT 2018
Y2 - 17 December 2018 through 19 December 2018
ER -