DefinePK

Abstract

The conventional software designing tools do not address the software security design, the security considerations are taken care of independently and there is no de facto unified mechanism to design software’s functional requirements along with the security requirements, it allows the applications more vulnerable to the security threats, this is especially true in clientserver / web based systems. In this research designing notations are being proposed that can be integrated with the existing designing tools to address software security design. The notations have less abstraction in order to design security requirements more clearly and effectively. Security is not a feature that can be added to software or "bolted on" after other software features are codified, nor can it be "patched in" after attacks have occurred in the field. Instead, security must be built in from the very beginning (requirements specification) and included in every subsequent System Development Life Cycle phase.