A Systematic Review and Analytical Evaluation of Security Requirements Engineering Approaches

Mohammad, Malik Nadeem Anwar; Nazir, Mohammed; Mustafa, Khurram

doi:10.1007/s13369-019-04067-3

Cited by 13 publications

(7 citation statements)

References 73 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Conducting an error-free survey and minimizing the biasness up to the highest level was also the core priority of this study. However, there are some threats that do exist and while conducting a systematic review, they may harm the validity of the study [73]. These include a selection of limited digital databases and search engines, imperfection in the retrieval of research papers, inaccuracy in the framing of inclusion-exclusion parameters, biasness in setting QA questions.…”

Section: Validationmentioning

confidence: 99%

See 1 more Smart Citation

An Analysis of Integrating Machine Learning in Healthcare for Ensuring Confidentiality of the Electronic Records

Seh¹,

Al-Amri²,

Subahi³

et al. 2022

Computer Modeling in Engineering &Amp; Sciences

View full text Add to dashboard Cite

The adoption of sustainable electronic healthcare infrastructure has revolutionized healthcare services and ensured that E-health technology caters efficiently and promptly to the needs of the stakeholders associated with healthcare. Despite the phenomenal advancement in the present healthcare services, the major obstacle that mars the success of E-health is the issue of ensuring the confidentiality and privacy of the patients' data. A thorough scan of several research studies reveals that healthcare data continues to be the most sought after entity by cyber invaders. Various approaches and methods have been practiced by researchers to secure healthcare digital services. However, there are very few from the Machine learning (ML) domain even though the technique has the proactive ability to detect suspicious accesses against Electronic Health Records (EHRs). The main aim of this work is to conduct a systematic analysis of the existing research studies that address healthcare data confidentiality issues through ML approaches. B.A. Kitchenham guidelines have been practiced as a manual to conduct this work. Seven well-known digital libraries namely IEEE Xplore, Science Direct, Springer Link, ACM Digital Library, Willey Online Library, PubMed (Medical and Bio-Science), and MDPI have been included to perform an exhaustive search for the existing pertinent studies. Results of this study depict that machine learning provides a more robust security mechanism for sustainable management of the EHR systems in a proactive fashion, yet the specified area has not been fully explored by the researchers. K-nearest neighbor algorithm and KNIEM implementation tools are mostly used to conduct experiments on EHR systems' log data. Accuracy and performance measure of practiced techniques are not sufficiently outlined in the primary studies. This research endeavour depicts that there is a need to analyze the dynamic digital healthcare environment more comprehensively. Greater accuracy and effective implementation of ML-based models are the need of the day for ensuring the confidentiality of EHRs in a proactive fashion.

show abstract

Section: Validationmentioning

confidence: 99%

“…External Validity: It ensures the generalization of the results, or we can say that it defines the applicability of the results. Here, our generated results are dependent on the search engines of specified digital libraries [73]. Every search engine and the digital repository have some kind of limitations in generating accurate results.…”

Section: Validationmentioning

confidence: 99%

An Analysis of Integrating Machine Learning in Healthcare for Ensuring Confidentiality of the Electronic Records

Seh¹,

Al-Amri²,

Subahi³

et al. 2022

Computer Modeling in Engineering &Amp; Sciences

View full text Add to dashboard Cite

show abstract

“…The rising number of security problems in recent years, forced the research community to put security concerns at the top of their list of priorities (Anwar Mohammad et al, 2019). Security should be a part of the whole SDLC process, and it should be a part of it right from the start, in the requirements phase (Mahmood et al, 2022;Sonmez & Kilic, 2021).…”

Section: Literature Reviewmentioning

confidence: 99%

“…Model-oriented security requirements engineering (MORSE) has been used in web-based E-Health applications (Li et al, 2017). Misuse instances are another technique for eliciting security requirements (Anwar Mohammad et al, 2019), Misuse cases were presented to capture security threats and requirements (Zareen et al, 2020). Security requirement frameworks should be contained in any the SDLC process to enhance the development methodology, such as SQUARE Anwar Mohammad et al (2019); Qadir & Ahmad (2022) Mufti et al (2018), CLASP Qadir & Ahmad, (2022) Mufti et al (2018), secure i* , UMLsec Mohammad et al (2019), SREP (Mufti et al, 2018), secure Tropos Mohammad et al (2019), MORSE Prabhakaran & Selvadurai (2018) and many more.…”

Section: Literature Reviewmentioning

confidence: 99%

Securing Software Development: A Holistic Exploration of Security Awareness in Software Development Teams

Janisar,

Shafee,

Sarlan

et al. 2024

IJARBSS

View full text Add to dashboard Cite

Security awareness is crucial at every stage of the software development life cycle. Studies emphasize the importance of addressing security requirements (SR) early in the requirement engineering phase to effectively mitigate security issues. However, the software development team (SDT) currently lacks sufficient awareness regarding the security requirements assurance (SRA) for mitigating security issues in secure software development. The objective of this study is to assess the (SDT) security knowledge in early software development. A survey was distributed, questions were based on (SR) within the context of security requirement engineering (SRE). A total of 58 responded to the survey. The results indicate that the (SDT) demonstrates a satisfactory level of knowledge regarding security (KOS), security requirements elicitation and analysis (SREA), and approaches within the domain of SRE. However, the results pertaining to security requirement assurance (SRA) were found unsatisfactory. Descriptive statistics were employed to analyse the mean scores of KOS=3.79, SRE=3.61, SREA=3.67, and SRA=2.71. SRE presented the strong Pearson correlation with SREA=.596**. Also, regression coefficient produces positive outcome with (SRA) and (SREA). Though, software development teams need to collaborate with the researcher to enhance the awareness about security requirement assurance during the secure development process.

show abstract

“…The term RE is broadly defined as the application of engineering activities to the development of formal software requirements. This includes the process of defining, documenting and maintaining the requirements, as well as identifying stakeholders of the system and their demands (Mohammad et al. , 2019).…”

Section: Background and Related Workmentioning

confidence: 99%

New goal-oriented requirements extraction framework for e-health services: a case study of diagnostic testing during the COVID-19 outbreak

Alotaibi

Subahi

2021

BPMJ

View full text Add to dashboard Cite

PurposeThis paper aims to introduce the goal-oriented requirements extraction approach (GOREA). It is an elicitation approach that uses, specifically, healthcare business goals to derive the requirements of e-health system to be developed.Design/methodology/approachGOREA consists of two major phases: (1) modelling e-health business requirements phase and (2) modelling e-health information technology (IT) and systems requirements phase. The modelling e-health business requirements phase is divided into two main stages: (1) model e-health business strategy stage and (2) model e-health business environment stage. The modelling e-health IT and systems requirements phase illustrates the process of obtaining requirements of e-health system from the organizational goals that are determined in the previous phase. It consists of four main steps that deal with business goals of e-health system: (1) modelling e-health business process (BP) step; (2) modelling e-health business goals step; (3) analysing e-health business goals step; and (4) eliciting e-health system requirements step. A case study based on the basic operations and services in hospital emergency unit for checking patient against COVID-19 virus and taking its diagnostic testing has been set and used to examine the validity of the proposed approach by achieving the conformance of the developed system to the business goals.FindingsThe results indicate that (1) the proposed GOREA has a positive influence on the system implementation according to e-health business expectations; and (2) it can successfully fulfil the need of e-health business in order to save the citizens life by checking them against COVID-19 virus.Research limitations/implicationsThe proposed approach has some limitations. For example, it is only validated using one e-health business goal and thus it has to be authenticated with different e-health business goals in order to address different e-health problems.Originality/valueMany e-health projects and innovations are not established based on robust system requirements engineering phase. In order to ensure the success delivery of e-health services, all characteristics of e-health systems and applications must be understood in terms of technological perspectives as well as the all system requirements.

show abstract

A Systematic Review and Analytical Evaluation of Security Requirements Engineering Approaches

Cited by 13 publications

References 73 publications

An Analysis of Integrating Machine Learning in Healthcare for Ensuring Confidentiality of the Electronic Records

An Analysis of Integrating Machine Learning in Healthcare for Ensuring Confidentiality of the Electronic Records

Securing Software Development: A Holistic Exploration of Security Awareness in Software Development Teams

New goal-oriented requirements extraction framework for e-health services: a case study of diagnostic testing during the COVID-19 outbreak

Contact Info

Product

Resources

About