| Peer-Reviewed

Model to Quantify Availability at Requirement Phase of Secure Software

Received: 4 September 2015     Accepted: 16 September 2015     Published: 26 September 2015
Views:       Downloads:
Abstract

A number of security mechanisms are available to protect data such as digital signature, audits log, encryption, refining etc. however they completely not able to stop malevolent attacks. Hackers and attackers continuously try to exploit security which can be easily pushed through loopholes that are available at users end. The core reasons for such problem are mainly generated by terrible software requirements which are implemented without proper analysis of risks and threats. In order to reduce vulnerabilities security requirements standards, policies are tightly bound and used right from the beginning of software development. The major purpose of security standards and policy is to ensure that the data is always available at random in order to support security requirements against identified risks. The focus on this paper is to propose a model to quantify availability (MQAR) by using multiple regression technique at requirement phase. To rationalize the model statistical data is used to validate assess availability at requirement level and the significance of this study concludes that the calculated data is highly acceptable.

Published in American Journal of Software Engineering and Applications (Volume 4, Issue 5)
DOI 10.11648/j.ajsea.20150405.12
Page(s) 86-91
Creative Commons

This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited.

Copyright

Copyright © The Author(s), 2015. Published by Science Publishing Group

Keywords

Software Security, Requirement Attributes, Security Quantification, Availability Quantification Model

References
[1] Pfleeger, Shari Lawrence, and Robert K. Cunningham. "Why Measuring Security Is Hard." copublished by the IEEE computer and reliability societies. (2010): 46-54.
[2] Wayne Jansen, “Directions in Security Metrics Research”, National Institute of standards and technology, NISTR 7564, March 2009.
[3] M. Grottke, H. Sun, R. Fricks, and K. Trivedi, “Ten fallacies of availability and reliability analysis,” in Service Availability, ser. Lecture Notes in Computer Science, T. Nanya, F. Maruyama, A. Pataricza, and M. Malek, Eds. Springer Berlin Heidelberg, 2008, vol. 5017, PP. 187– 206.
[4] Antti Evesti, Eila Niemela, Katia Henttonen and MakoPalviainen, “A Tool Chain for Quality-driven Software Architecting”, 2008, IEEE International Software Product LineConference.
[5] DOI: http://www.cert.org.
[6] I. Flechais, M. Sasse and S M V Hailes, “Bringing Security Home: A Process for developing secure and usable systems”, NSPW’03, ACM, August 2003, pp: 18-21.
[7] B. B. Madan, K. G. Popstojanova, K. Vaidyanation and K. S. Trivedi, “A Method for Modeling and Quantifying the Security Attributes of Intrusion Tolerant System”, An International Journal of Performance Evaluation, 56, 2004, Elsevier. 167-186.
[8] Nikhat, Parveen, Md. Rizwan Beg, et al. "Software Security Issues: Requirement Perspectives." International Journal of Scientific & Engineering Research ISSN 2229-5518. Volume- 5.Issue-7, July 2014, pages: 11-15.
[9] G. H. Walton, T. A. Longstaff, R. C. Linder, Computational Evaluation of Software Security Attributes, IEEE, 1997.
[10] DOI: http://www.sqa.net/softwarequalitymetrics.html.
[11] Parveen, Nikhat, Md. Rizwan Beg, and M. H Khan. "Bridging the Gap between Requirement and Security through Secure Requirement Specification Checklist." International Journal of Advanced Computational Engineering and Networking(IJACEN), ISSN: 2320-2106, Volume-3, Issue-2, Feb.-2015.
[12] Iqbal, Shahid, and M. Naeem Ahmed Khan. "Yet another Set of Requirement Metrics for Software Projects."International Journal of Software Engineering and Its Applications. 6.1 (2012): 19-28.
[13] Bokhari, Mohammad Ubaidullah, and Shams Tabrez Ubaidullah Siddiqui. "Metrics for Requirements Engineering and Automated Requirements Tools."Proceedings of the 5th National Conference; INDIACom-2011.
[14] Ali, Mohammed Javeed. "Metrics for Requirements Engineering." (2006): .
[15] C. Wang and Wulf, “A Framework for Security Measurement,” in Proc. National Information Systems Security Conference, pp: 522-533, 7-10 Oct. 1997.
[16] S. Chandra, R. A. Khan, “Implementing Availability State Transition Model to Quantify Risk Factor”, Advances in Computer Science, Engineering &Application, AISC, Springer, 2012 -, Pages: 937-952.
Cite This Article
  • APA Style

    Nikhat Parveen, Mohammad Rizwan Beg, M. H. Khan. (2015). Model to Quantify Availability at Requirement Phase of Secure Software. American Journal of Software Engineering and Applications, 4(5), 86-91. https://doi.org/10.11648/j.ajsea.20150405.12

    Copy | Download

    ACS Style

    Nikhat Parveen; Mohammad Rizwan Beg; M. H. Khan. Model to Quantify Availability at Requirement Phase of Secure Software. Am. J. Softw. Eng. Appl. 2015, 4(5), 86-91. doi: 10.11648/j.ajsea.20150405.12

    Copy | Download

    AMA Style

    Nikhat Parveen, Mohammad Rizwan Beg, M. H. Khan. Model to Quantify Availability at Requirement Phase of Secure Software. Am J Softw Eng Appl. 2015;4(5):86-91. doi: 10.11648/j.ajsea.20150405.12

    Copy | Download

  • @article{10.11648/j.ajsea.20150405.12,
      author = {Nikhat Parveen and Mohammad Rizwan Beg and M. H. Khan},
      title = {Model to Quantify Availability at Requirement Phase of Secure Software},
      journal = {American Journal of Software Engineering and Applications},
      volume = {4},
      number = {5},
      pages = {86-91},
      doi = {10.11648/j.ajsea.20150405.12},
      url = {https://doi.org/10.11648/j.ajsea.20150405.12},
      eprint = {https://article.sciencepublishinggroup.com/pdf/10.11648.j.ajsea.20150405.12},
      abstract = {A number of security mechanisms are available to protect data such as digital signature, audits log, encryption, refining etc. however they completely not able to stop malevolent attacks. Hackers and attackers continuously try to exploit security which can be easily pushed through loopholes that are available at users end. The core reasons for such problem are mainly generated by terrible software requirements which are implemented without proper analysis of risks and threats. In order to reduce vulnerabilities security requirements standards, policies are tightly bound and used right from the beginning of software development. The major purpose of security standards and policy is to ensure that the data is always available at random in order to support security requirements against identified risks. The focus on this paper is to propose a model to quantify availability (MQAR) by using multiple regression technique at requirement phase. To rationalize the model statistical data is used to validate assess availability at requirement level and the significance of this study concludes that the calculated data is highly acceptable.},
     year = {2015}
    }
    

    Copy | Download

  • TY  - JOUR
    T1  - Model to Quantify Availability at Requirement Phase of Secure Software
    AU  - Nikhat Parveen
    AU  - Mohammad Rizwan Beg
    AU  - M. H. Khan
    Y1  - 2015/09/26
    PY  - 2015
    N1  - https://doi.org/10.11648/j.ajsea.20150405.12
    DO  - 10.11648/j.ajsea.20150405.12
    T2  - American Journal of Software Engineering and Applications
    JF  - American Journal of Software Engineering and Applications
    JO  - American Journal of Software Engineering and Applications
    SP  - 86
    EP  - 91
    PB  - Science Publishing Group
    SN  - 2327-249X
    UR  - https://doi.org/10.11648/j.ajsea.20150405.12
    AB  - A number of security mechanisms are available to protect data such as digital signature, audits log, encryption, refining etc. however they completely not able to stop malevolent attacks. Hackers and attackers continuously try to exploit security which can be easily pushed through loopholes that are available at users end. The core reasons for such problem are mainly generated by terrible software requirements which are implemented without proper analysis of risks and threats. In order to reduce vulnerabilities security requirements standards, policies are tightly bound and used right from the beginning of software development. The major purpose of security standards and policy is to ensure that the data is always available at random in order to support security requirements against identified risks. The focus on this paper is to propose a model to quantify availability (MQAR) by using multiple regression technique at requirement phase. To rationalize the model statistical data is used to validate assess availability at requirement level and the significance of this study concludes that the calculated data is highly acceptable.
    VL  - 4
    IS  - 5
    ER  - 

    Copy | Download

Author Information
  • Department of Computer Application, Integral University, Lucknow, India

  • Department of Computer Application, Integral University, Lucknow, India

  • Department of Computer Engineering, Institute of Engineering and Technology, Lucknow, India

  • Sections