Model Oriented Security Requirements Engineering (MOSRE) framework for web applications

Abstract

In the recent years, tasks such as the Security Requirements Elicitation, the Specification of Security Requirements or the Security requirements Validation are essential to assure the Quality of the resulting software. An increasing part of the communication and sharing of information in our society utilizes Web Applications. Last two years have seen a significant surge in the amount of Web Application specific vulnerabilities that are disclosed to the public because of the importance of Security Requirements Engineering for Web based systems and as it is still under estimated. Therefore a thorough Security Requirements analysis is even more relevant. In this paper, we propose a Model oriented framework to Security Requirement Engineering (MOSRE) for Web Applications and applied our framework for E-Voting system. By applying Modeling technologies to Requirement phases, the Security requirements and domain knowledge can be captured in a well-defined model and it is better than traditional process. © 2013 Springer-Verlag.