Security Requirements Elicitation Using View Points for Online System

Abstract

Security is of great concern for software engineering community for the development of online systems. To handle all the security issues properly we need to have well defined process for Security engineering and this process should be integrated with software development life cycle (SDLC). For integrating security engineering with SDLC the requirement engineers should have clearly understanding of what security requirements are and he/she is able to distinguish security requirements from various architectural and behavioral constraints. In this paper we go on to define a process for security requirements elicitation presenting techniques for activities like requirements discovery, analysis, prioritization and management. With true security requirements identified as early as possible and systematically identified, Architecture team can choose most appropriate mechanism to implement them.