Factors that Influence the Adoption of Information Security on Requirement Phase for Custom-Made Software at SMEs

Abstract

This paper reports security factors to custom-made software at SMEs from development perspectives. The primary purpose of this work is to support the In-house software development companies to understand the security issues are being addressed to deal with customer demands. It targets the requirement phase from the overall Software Development Life Cycle (SDLC) by conducting a systematic snapshot mapping in the literature addressing the security requirements in the period from 2000 to 2018. The data extraction process resulted in gathering 40 relevant papers. Primary, reviewed papers addressed classification factors based on management, development, organizational, and environmental perspectives. Secondary, it addressed classification governance issues, and security services including authorization, authentication, availability, confidentiality, and integrity. Our results revealed that project management issues have studied significantly. A large number of the studies are conducted at security management factors and adopting the authorization security service. This study presents a future trend based on a gap research forum that revealed after conducting the systematic mapping approach.