Software Engineering

P. Salini
Department of Computer Science, Pondicherry Engineering College, India

S. Kanmani
Department of Information Technology, Pondicherry Engineering College., India

Abstract

Security engineering is a new research area in software engineering that covers the definition of processes, plans and designs for security. The researchers are working in this area and however there is a lack in security requirements treatment in this field. The security requirements is one of the non functional requirements which acts as constrains on the functions of the system. An increasing part of the communication and sharing of information in our society utilizes electronic media. Many organizations, especially distributed and Net-centric are entirely dependent on well functioning information systems. Thus IT security is becoming central to the ability to fulfill business goals, build trustworthy systems, and protect assets. In order to develop systems with adequate security features, it is essential to capture the corresponding security needs and requirements. Security requirements engineering is emerging as a branch of software engineering, spurred by the realization that security must be dealt with early during requirements phase. A number of researchers' proposals have major limitations as they treat security in system oriented terms. In this paper we present a view on Security Requirements, Security Requirements issues, types, and the framework for Security Requirements Engineering. We also have presented about the challenges to web application security and evaluated the Security Requirements Engineering framework for web applications.

Keywords