期刊名称:Journal of Theoretical and Applied Information Technology
印刷版ISSN:1992-8645
电子版ISSN:1817-3195
出版年度:2017
卷号:95
期号:15
页码:3613
出版社:Journal of Theoretical and Applied
摘要:Mobile applications (mobile apps) are becoming a common medium for conducting transaction, saving data and exchanging information online. However, an important issue that has been overlooked is the emphasis on security issues at the early stage of mobile apps development. It has become a common practice among requirements engineers to deal with security issues after the mobile apps have been developed. This scenario has led to the failure of developing secure and safe mobile application based on the needs of the users. Motivated by this problem, we propose an automated support tool to assist requirements engineers to elicit security related requirements at the early stage of mobile apps development. This paper reported a replication of a study from our previous work that describes our user study and tool support, called MobiMEReq. This tool uses SecEUCs and SecEUIs prototype model to automatically elicit the security attributes requirements of mobile apps. In this paper, we reported the results drawn from an experiment of a user study to compare the capability of the MobiMEReq in relation to the manual approach. The results of the user study show that the tool support has higher accuracy rate in comparison to the manual approach to extract security attributes elicited from functional requirements. This implies that our tool is able to help requirements engineers to easily elicit security attribute requirements of mobile apps.
关键词:Security requirements; Security attributes; Mobile apps; Security requirements elicitation
