Capturing Security Requirements using Essential Use Cases (EUCs) Model
Dr Massila Kamalrudin (Department of Software Engineering, Faculty of Information and Communication Technology, Universiti Teknikal Malaysia Melaka (UTeM).)
COMPUTER SCIENCE SEMINAR Software EngineeringDATE: 2013-09-02
TIME: 16:00:00 - 17:00:00
LOCATION: CSIT Seminar Room, N101
CONTACT: JavaScript must be enabled to display this email address.
ABSTRACT:
Capturing security requirements at the early phase contributes to the success of secure software development. However, the process of capturing security requirements is complex and requires requirements engineers to have security experience in the process of eliciting and analysing the security requirements from the business requirements. Most of the requirements engineers lack of knowledge and skills on security elements and always face difficulty to capture and understand the security terms. Therefore, the captured security requirements are inaccurate, inconsistent and incomplete which finally leads to insecure software systems. To overcome these problems, formal or semi-formal models are currently used in the process of capturing the security requirements as they allow for better checking, analysis and structured representations. This research aims to investigate the usage and the effectiveness of a semi-formalised model called Essential Use Cases (EUCs) in capturing security requirements. EUCs is previously identified in other study to be fruitful for the process of capturing and validating business requirements. This study will results to a new effective approach to support requirements engineers in capturing security requirements for developing an accurate secure software. In addition, we collect and develop generic security essential requirements patterns for security requirements analysis process, to aid analysis of the captured requirements. The analysis is based on the essential requirements patterns constructed using EUCs methodolgy. Further a prototype tool is developed to realise the approach.
BIO:
Dr. Massila Kamalrudin is a Senior Lecturer of Software Engineering department of UTeM. Her first Degree was Computer Science majoring in Software Engineering from Universiti Putra Malaysia in 2003, then completed her MSc in Computing and Software Technology in 2006 from University of Wales, Swansea. In 2011 she gained her PhD from University of Auckland, New Zealand in the area of Requirements Engineering within 3 years and did a post-doctorate study at Swinburne University of Technology, Melbourne Australia. She is a member of IEEE and Malaysia Software Engineering Group (MYSEIG). Her main interests of research are requirements engineering,global software development and software tool and methodology.
