Security assurance by efficient non-repudiation requirements

Abstract

Security is an age long dream in all the walks of our social life. In software industry, security is regarded as wheels on which the entire system can move smoothly. Various tools/techniques have been deployed for developing secure software, but, on the other hand, attackers are continuously exploiting vulnerabilities to compromise security. Firewalls, intrusion prevention/detection and antivirus systems cannot simply solve this problem to the desirable extent. Only a rigorous effort by the software development community for building more secure software can foil attackers and allow users to feel protected from such exploitations. Research studies reveal that security cannot be added in developed software rather it should be introduced right from the beginning in the SDLC. To achieve this objective, security measures must be embedded throughout the SDLC phases and starting from the requirements phase itself. Non-Repudiation requirement is globally accepted as one of the prominent security requirements. Appropriate level of non-repudiation may well enforce security features and hence, ensure security for deployed software. A checklist is proposed, in this paper, which may enable assessment of the appropriateness of non-repudiation requirements and lead to counter/additional measures for security assurance. © 2012 Springer-Verlag GmbH.