S-Scrum: a secure methodology for agile development of web services
To care for security in early stages of software development has always been a major engineering trend. However, due to the existence of unpreventable and accidental security faults within the system, it is not always possible to entirely identify and mitigate the security threats. This may eventual...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
WCSIT Publishing
2013
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/30667/1/S.pdf |
| _version_ | 1796971787309809664 |
|---|---|
| author | Mougouei, Davoud Mohd Sani, Nor Fazlida Almasi, Mohammad Moein |
| author_facet | Mougouei, Davoud Mohd Sani, Nor Fazlida Almasi, Mohammad Moein |
| author_sort | Mougouei, Davoud |
| collection | UPM |
| description | To care for security in early stages of software development has always been a major engineering trend. However, due to the existence of unpreventable and accidental security faults within the system, it is not always possible to entirely identify and mitigate the security threats. This may eventually lead to security failure of the target system. To avoid security failure, it is required to incorporate fault tolerance (i.e. intrusion tolerant) into the security requirements of the system. In this paper, we propose a new technique toward description of security requirements of Intrusion Tolerant Systems (ITS) using fuzzy logic. We care for intrusion tolerance in security requirements of the system through considering partial satisfaction of security goals. This partiality is accepted and formally described through establishment of a Goal-Based Fuzzy Grammar (GFG) and its respective Goal-Based Fuzzy Language (GFL) for describing Security Requirement Model (SRM) of the target ITS. |
| first_indexed | 2024-03-06T08:18:15Z |
| format | Article |
| id | upm.eprints-30667 |
| institution | Universiti Putra Malaysia |
| language | English |
| last_indexed | 2024-03-06T08:18:15Z |
| publishDate | 2013 |
| publisher | WCSIT Publishing |
| record_format | dspace |
| spelling | upm.eprints-306672017-10-31T02:10:37Z http://psasir.upm.edu.my/id/eprint/30667/ S-Scrum: a secure methodology for agile development of web services Mougouei, Davoud Mohd Sani, Nor Fazlida Almasi, Mohammad Moein To care for security in early stages of software development has always been a major engineering trend. However, due to the existence of unpreventable and accidental security faults within the system, it is not always possible to entirely identify and mitigate the security threats. This may eventually lead to security failure of the target system. To avoid security failure, it is required to incorporate fault tolerance (i.e. intrusion tolerant) into the security requirements of the system. In this paper, we propose a new technique toward description of security requirements of Intrusion Tolerant Systems (ITS) using fuzzy logic. We care for intrusion tolerance in security requirements of the system through considering partial satisfaction of security goals. This partiality is accepted and formally described through establishment of a Goal-Based Fuzzy Grammar (GFG) and its respective Goal-Based Fuzzy Language (GFL) for describing Security Requirement Model (SRM) of the target ITS. WCSIT Publishing 2013 Article PeerReviewed application/pdf en http://psasir.upm.edu.my/id/eprint/30667/1/S.pdf Mougouei, Davoud and Mohd Sani, Nor Fazlida and Almasi, Mohammad Moein (2013) S-Scrum: a secure methodology for agile development of web services. World of Computer Science and Information Technology Journal, 3 (1). pp. 15-19. ISSN 2221-0741 http://download.wcsit.org/3.1.2013 |
| spellingShingle | Mougouei, Davoud Mohd Sani, Nor Fazlida Almasi, Mohammad Moein S-Scrum: a secure methodology for agile development of web services |
| title | S-Scrum: a secure methodology for agile development of web services |
| title_full | S-Scrum: a secure methodology for agile development of web services |
| title_fullStr | S-Scrum: a secure methodology for agile development of web services |
| title_full_unstemmed | S-Scrum: a secure methodology for agile development of web services |
| title_short | S-Scrum: a secure methodology for agile development of web services |
| title_sort | s scrum a secure methodology for agile development of web services |
| url | http://psasir.upm.edu.my/id/eprint/30667/1/S.pdf |
| work_keys_str_mv | AT mougoueidavoud sscrumasecuremethodologyforagiledevelopmentofwebservices AT mohdsaninorfazlida sscrumasecuremethodologyforagiledevelopmentofwebservices AT almasimohammadmoein sscrumasecuremethodologyforagiledevelopmentofwebservices |