A Novel Model for Security Requirements Process
نویسندگان
چکیده
Nowadays, mostly security solutions are mainly focused on how to defend against various threats, including insider threats and outsider threats, instead of trying to solve security issues from their sources. In this paper, a security requirements engineering process is presented for security requirements elicitation and analysis. And the proposed process will deal with the security requirements at the earlier stages of system design in a systematic way. Thus critical security risks to the business will be considered in the development of the security requirements.
منابع مشابه
A semantic-aware role-based access control model for pervasive computing environments
Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information completely and accurately all the time. Thus, a suitable access control model for PCEs...
متن کاملA novel approach in robust group decision making for supply strategic planning
Long-term planning is a challenging process for dealing with problems in big industries. Quick and flexible process of responding to the existing variable requirements are considered in such problems. Some of important strategic decisions which should be made in this field are, namely the way that manufacturing facilities should be applied as well as assignment and design the system of delivery...
متن کاملMapping of McGraw Cycle to RUP Methodology for Secure Software Developing
Designing a secure software is one of the major phases in developing a robust software. The McGraw life cycle, as one of the well-known software security development approaches, implements different touch points as a collection of software security practices. Each touch point includes explicit instructions for applying security in terms of design, coding, measurement, and maintenance of softwar...
متن کاملPrivate Key based query on encrypted data
Nowadays, users of information systems have inclination to use a central server to decrease data transferring and maintenance costs. Since such a system is not so trustworthy, users' data usually upkeeps encrypted. However, encryption is not a nostrum for security problems and cannot guarantee the data security. In other words, there are some techniques that can endanger security of encrypted d...
متن کاملA Novel Image Encryption Model Based on Hybridization of Genetic Algorithm, Chaos Theory and Lattice Map
Encryption is an important issue in information security which is usually provided using a reversible mathematical model. Digital image as a most frequently used digital product needs special encryption algorithms. This paper presents a new encryption algorithm high security for digital gray images using genetic algorithm and Lattice Map function. At the first the initial value of Logistic Map ...
متن کاملPrivacy Preserving Dynamic Access Control Model with Access Delegation for eHealth
eHealth is the concept of using the stored digital data to achieve clinical, educational, and administrative goals and meet the needs of patients, experts, and medical care providers. Expansion of the utilization of information technology and in particular, the Internet of Things (IoT) in eHealth, raises various challenges, where the most important one is security and access control. In this re...
متن کامل