1Research Scholar, AIIT, Amity University, Lucknow, Uttar Pradesh, India
2Head of Department, AIIT, Amity University, Lucknow, Uttar Pradesh, India
3Assistant Professor, Department of Computer Applications, Integral University, Lucknow, Uttar Pradesh, India
Online published on 31 October, 2017.
To design, build and deploy secure systems, we must integrate security into our application development life cycle and adapt current software engineering practices and methodologies to include specific security-related activities. Developers enforces security measures during design phase of software development processes which may end up in specifying security related architecture constraints that are not really necessary. To eliminate this problem, we propose a Framework for Security Engineering Process that involves converting security requirements and threats into design decisions to mitigate the identified security threats. The identified design attributes are prioritized and a security design template is prepared. We have stored various cryptographic techniques and their analytic attributes in the repository to find out the specific cryptographic technique that would eventually help in the later stages of the design process by eliminating unnecessary design constraints in a particular scenario.
Security engineering process Security requirement engineering Security design engineering Security design template Cryptographic techniques Cryptographic attacks