Repository Details
The purpose of this work is to evaluate software security in terms of confidentiality and non-repudiation at an early stage of the software life cycle. To this end, it proposes a new method, based on UML diagrams, for evaluating the security characteristic from the confidentiality and non-repudiation quality attributes/measures recommended by ISO/IEC 25010. First, the method combines functional and structural size methods to refine the confidentiality and non-repudiation attributes/measures recommended by ISO/IEC 25023. Then, its results, together with cryptographic algorithm strength, digital signature algorithm strength and hash function strength, provide an indicator of the confidentiality level and non-repudiation level of a web application. Finally, it helps both the software designer and the software owner to identify the degree of trust in the software application. A security evaluation tool (SE) is developed and validated for these purposes.