Security Estimation Model: Fault Perspective

Security Estimation Model: Fault Perspective

Abstract- The issue of security is essential for secure software. Measuring security of software system at design phase may help software developers to improve the security of software system. A security estimation model for object oriented design fault perspective has been developed in this paper. The proposed model correlates the Object Oriented Design constructs with Fault and Security. The security estimation process can be achieved by controlling the fault issues at design phase. This paper presents a multivariate linear regression for establishing the security estimation model in terms of Confidentiality, Integrity and Availability as attributes of security criteria to evaluate security of class diagram. Security estimation model is empirically validated and statistical significance of the study considers the high correlation for model acceptance.

Keywords- Security Factors, Object Oriented Design Characteristics, Security Estimation, Fault factors

I. INTRODUCTION successful software development process includes the details of each and every step of the process which are called as phases of development process. In general design phase, the designer/developer decides on the topology of the architecture of the project. In this whole process, there will be several challenges that the developer has to overcome to reach the final completion stage followed with the delivery of the project. Security can be measured in terms of confidentiality, integrity and availability to understand the impact in the project at early stage. The effectiveness of a security mechanism, however, depends on both users and technology “doing the right thing” [6]. Recent research on usability and security has focussed on user problems and needs [7, 20, 21]. The security of a software system can be measured by using a security attribute of software system. Some standards have proposed different general models of security, but there is no generally accepted set of security concepts and definitions [8]. Both known and unknown vulnerabilities can be exploited to compromise security attributes – confidentiality, integrity, availability, authenticity or non-reputability of information used by organization [14]. Software security provides many effective techniques to protect high secure software from illegal access and malicious occurrences at software development life cycle. Security essentials are expected methods ant techniques that provide the uncracked methodologies [22, 17]. Software security assessment is an integral part of security management of software proje
Read More