2016 Joint Conference of the International Workshop on Software Measurement and the International Conference on Software Process and Product Measurement (2016)
Oct. 5, 2016 to Oct. 7, 2016
Because software requirements play a critical role in software development projects, measuring non-functional requirements as well as functional requirements is not to be trifled with. Software security, as a non-functional requirement, is one of the most important quality characteristics and was recently added to the ISO 25010 quality models (previously defined as a sub-characteristic in ISO 9126). This characteristic must be evaluated cautiously and precisely throughout the software life cycle, and especially early, in the design phase. The purpose of this paper is the early evaluation of security in web applications. To achieve this purpose, we propose to measure the quality attributes of authenticity through a combination of the functional and structural size of the authenticity sequence diagram at the design phase. This combination of measurements can be used to identify the risk of violation of authenticity in web application design. An example of the GeoNetwork web application is used to illustrate our proposed measurement for evaluating security as defined by ISO/IEC 25010.
Software, ISO Standards, Authentication, Size measurement, IEC Standards, Software measurement
H. Hakim, A. Sellami and H. Ben Abdallah, "Evaluating Security in Web Application Design Using Functional and Structural Size Measurements," 2016 Joint Conference of the International Workshop on Software Measurement and the International Conference on Software Process and Product Measurement (IWSM Mensura), Berlin, Germany, 2016, pp. 182-190.