Abstract
© 2016 Elsevier Ltd. All rights reserved.Emerging cloud applications are growing rapidly and the need for identifying and managing service requirements is also highly important and critical at present. Software Engineering and Information Systems has established techniques, methods and technology over two decades to help achieve cloud service requirements, design, development, and testing. However, due to the lack of understanding of software security vulnerabilities that should have been identified and managed during the requirements engineering phase, we have not been so successful in applying software engineering, information management, and requirements management principles that have been established for the past at least 25 years, when developing secure software systems. Therefore, software security cannot just be added after a system has been built and delivered to customers as seen in today's software applications. This paper provides concise methods, techniques, and best practice requirements engineering and management as an emerging cloud service (SSREMaaES) and also provides guidelines on software security as a service. This paper also discusses an Integrated-Secure SDLC model (IS-SDLC), which will benefit practitioners, researchers, learners, and educators. This paper illustrates our approach for a large cloud system Amazon EC2 service.
More Information
Identification Number: | https://doi.org/10.1016/j.ijinfomgt.2016.03.008 |
---|---|
Status: | Published |
Refereed: | Yes |
Publisher: | Elsevier |
Uncontrolled Keywords: | Emerging cloud services, Software security, Software security requirements engineering, Secured software development, SQUARE method, BSI, Touchpoint, SDL, Requirements engineering and management as an emerging service (SSREMaaES), 0806 Information Systems, 0807 Library And Information Studies, 0805 Distributed Computing, Information Systems, |
Depositing User (symplectic) | Deposited by Ramachandran, Muthu |
Date Deposited: | 24 Nov 2016 13:58 |
Last Modified: | 10 Jul 2024 19:28 |
Item Type: | Article |
Download
Note: this is the author's final manuscript and may differ from the published version which should be used for citation purposes.
| Preview