Security Based Requirements Engineering for E-Voting System
The election process is in need of secured electronic system that voters can rely on and have trust. Unfortunately, a recent study revealed that various E-Voting Systems show serious specification, design, and implementation flaws. When system is being built, tasks such as Security Requirements Elicitation, Specification and Validation are essential to assure the Quality of the resulting secure E-Voting System. In this paper we propose, to adopt Security Requirements Engineering in the early phases of E-Voting System development and consider the Security requirements as functional requirements. This helps in standardizing the Security Requirements for secure E-Voting System with completeness.
Keywords:E-Voting Functional Requirements Threats Security issues Security Requirements
- 1.Fabian B, Gurses S, Heisel M, Santen T, Schmidt H (2009) A comparison of security requirements engineering methods. Requir Eng: Secur Requir Eng 15:7–40, Springer-Verlag London Limited 2009Google Scholar
- 2.Haley CB, Laney R, Moffett JD, Nuseibeh B (2008) Security requirements engineering: a framework for representation and analysis. IEEE Trans Softw Eng 34(1):133–152Google Scholar
- 3.Mead R, Houg ED, Stehney TR (2005) Security quality requirements engineering (square) methodology. Technical report CMU/SEI-2005-TR-009, Software Engineering Institute, Carnegie Mellon University 2005.Google Scholar
- 4.Wang H, Jia Z, Shen Z (2009) Research in security requirements engineering process. In: IEEE 16th international conference on Industrial Engineering and Engineering management, 2009, pp 1285–1288Google Scholar
- 6.Graham D (2006) Introduction to the CLASP process. Build Security In, 2006. https://buildsecurityin.us-cert.gov/daisy/bsi/articles/best-practices/requirements/ 548.html.
- 7.Jacobson I (1995) Modeling with use cases: formalizing use case modelling. J Object-Oriented Program8 (2):18–24Google Scholar
- 8.Meier JD, Mackman A, Dunner M, Vasireddy S Escamilla R, Murukan A (2003) In: Improving web application security :threats and countermeasures. Microsoft Corporation, Published, June 2003Google Scholar
- 9.Sindre G, Opdah AL (2004) Eliciting security requirements with misuse cases. Requir Eng 10:34–44, Springer-Verlag London Limited 2004Google Scholar