Software security requirements management as an emerging cloud computing service
作者:
Highlights:
• We present concise methods, techniques, and best practice requirements management guidelines on software security.
• Outlines features of the proposed requirements engineering and management as an emerging cloud service (SSREMaaES).
• Developed an Integrated-Secure SDLC model (IS-SDLC), which will benefit practitioners, researchers, learners, and educators.
• Application and process of using Microsoft SDLC for DDoS attacks on cloud services.
• Illustrates our approach for a large cloud system Amazon EC2 service.
摘要
•We present concise methods, techniques, and best practice requirements management guidelines on software security.•Outlines features of the proposed requirements engineering and management as an emerging cloud service (SSREMaaES).•Developed an Integrated-Secure SDLC model (IS-SDLC), which will benefit practitioners, researchers, learners, and educators.•Application and process of using Microsoft SDLC for DDoS attacks on cloud services.•Illustrates our approach for a large cloud system Amazon EC2 service.
论文关键词:Emerging cloud services,Software security,Software security requirements engineering,Secured software development,SQUARE method,BSI,Touchpoint,SDL,Requirements engineering and management as an emerging service (SSREMaaES)
论文评审过程:Received 15 March 2016, Revised 24 March 2016, Accepted 24 March 2016, Available online 3 April 2016, Version of Record 3 April 2016.
论文官网地址:https://doi.org/10.1016/j.ijinfomgt.2016.03.008
