Measuring Security Requirements for Software Security

Paolo Falcarin
2011-01-01

Abstract

For the last decade, software security has gained attention from industry, experts and all other communities. Secure software is about mitigating risks from assets to achieve business goals. Security depends heavily on the context in which software is deployed, but measuring software security, even within a specific context, is still not mature. This is because the properties and metrics for measuring security are not properly defined, and methods that provide a complete picture for measuring software security are lacking. Here we identify security requirements through an asset-based risk management process to describe the software security goal. Then, based on the Goal-Question-Metric approach, the identified security requirements are evaluated for measuring software security.
2011
IEEE 10th International Conference on Cybernetic Intelligent Systems (CIS), 2011
Files in this item:
File: 7.pdf
Access: open access
Type: Pre-print document
License: Free access (view only)
Size: 188.68 kB
Format: Adobe PDF

Documents in ARCA are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/10278/3746532
Citations
  • Scopus 21