Affiliation:
1. Karunya Institute of Technology and Sciences
2. Karpagam College of Engineering
3. Beni-Suef University
Abstract
Abstract
Worldwide, new devices in every sphere of the walk are emerging daily, and a more significant percentage of them are software-driven. Consequently, the software development process is prone to errors, bugs, and frequent changes to the requirements and the software leading to abnormal deviation in time to deliver. Another aspect being considered is the security of the software at the time of (Software Development Life Cycle) SDLC. As a part of secure software engineering, the model transformation involves the information security aspects in the early phases of SDLC. Hence, Automation of the software development process, though not entirely, is inevitable. In this research, platform-independent models are generated with security attributes such as Integrity, Privacy, Security Audit, non-repudiation, and authentication. A template-based source code generator is used to produce the structure of the source model. The Secure Business Process Model (SBPM) has a set of Unified Modeling Language (UML) artifacts such as analysis level classes and sequence diagrams with security attributes by taking the activity model as a source. Security requirements are associated with elements extracted from the source model. Structural codes for the source model with security-enabled members are generated.
Publisher
Research Square Platform LLC
Reference47 articles.
1. N. Mayer, P. Heymans, and R. Matulevičius, "Design of a Modelling Language for Information System Security Risk Management," Proc. 1st Int. Conf. Res. challenges Inf. Sci., pp. 121–132, 2007.
2. "Security Requirements Engineering: A Framework for Representation and Analysis,";Haley CB;IEEE Trans. Softw. Eng.,2008
3. "A common criteria based security requirements engineering process for the development of secure information systems,";Mellado D;Comput. Stand. Interfaces,2007
4. Security requirements engineering framework for software product lines,";Mellado D;Inf. Softw. Technol.,2010
5. "Software requirements and architecture modeling for evolving non-secure applications into secure applications,";Shin ME;Sci. Comput. Program.,2007