RESEARCH ON SECURITY REQUIREMENTS ENGINEERING: PROBLEMS AND PROSPECTS

Abstract

Due to constant pressure on software development

team for development of workable software at a fast pace, the

focus of the development team has always been on the

functional requirements. As such, the identification and

implementation of nonfunctional requirements, especially,

security which otherwise is considered as a time consuming

and quality providing process has always been neglected. But

as per the available statistics, security has played a vital role in

the success and failure of software systems. The nonfunctional

requirement not only introduces characteristics like quality,

they also present constraints under which the system must

operate. This process maximizes the success of the software

system. As per the recent trend, software security is gaining

attention from the industries, experts and research

communities. The aim of development of secure software is

that it attempts to mitigate risks from assets so that the

business goals could be achieved. Measuring security of

software is still in its infancy and the properties and metrics

for measuring security needs to be properly defined. Further,

methods need to be made comprehensive for accurate and

complete measurement of security properties of software. This

research paper reviews the existing work done in the field of

security requirements engineering. In addition, it identifies the

future research work which could be carried out for

betterment of security incorporation in the software

development process