Software Security Estimation Using the Hybrid Fuzzy ANP-TOPSIS Approach: Design Tactics Perspective

Software Security Estimation Using the Hybrid Fuzzy ANP-TOPSIS Approach: Design Tactics Perspective

Increasing the number of threats against software vulnerabilities and rapidly growing data breaches have become a key concern for both the IT industry and stakeholders. Developing secure software systems when there is a high demand for software products from individuals as well as the organizations...

Full description

Bibliographic Details
Main Authors: Alka Agrawal, Adil Hussain Seh, Abdullah Baz, Hosam Alhakami, Wajdi Alhakami, Mohammed Baz, Rajeev Kumar, Raees Ahmad Khan
Format: Article
Language:English
Published: MDPI AG 2020-04-01
Series:Symmetry
Subjects:
software security
symmetrical assessment
security tactics
fuzzy logic
fuzzy-ANP
fuzzy-TOPSIS
Online Access:https://www.mdpi.com/2073-8994/12/4/598
id doaj-8591e535ee1942a4bb3287a1b2a9531b
record_format Article
spelling doaj-8591e535ee1942a4bb3287a1b2a9531b2020-11-25T02:33:57ZengMDPI AGSymmetry2073-89942020-04-011259859810.3390/sym12040598Software Security Estimation Using the Hybrid Fuzzy ANP-TOPSIS Approach: Design Tactics PerspectiveAlka Agrawal0Adil Hussain Seh1Abdullah Baz2Hosam Alhakami3Wajdi Alhakami4Mohammed Baz5Rajeev Kumar6Raees Ahmad Khan7Department of Information Technology, Babasaheb Bhimrao Ambedkar University, Lucknow 226025, IndiaDepartment of Information Technology, Babasaheb Bhimrao Ambedkar University, Lucknow 226025, IndiaDepartment of Computer Engineering, College of Computer and Information Systems, Umm Al-Qura University, Makkah 715, Saudi ArabiaDepartment of Computer Science, College of Computer and Information Systems, Umm Al-Qura University, Makkah 715, Saudi ArabiaDepartment of Information Technology, College of Computers and Information Technology, Taif University, Taif 26571, Saudi ArabiaComputer Engineering Department, College of Computers and Information Technology, Taif University, Taif 26571, Saudi ArabiaDepartment of Information Technology, Babasaheb Bhimrao Ambedkar University, Lucknow 226025, IndiaDepartment of Information Technology, Babasaheb Bhimrao Ambedkar University, Lucknow 226025, IndiaIncreasing the number of threats against software vulnerabilities and rapidly growing data breaches have become a key concern for both the IT industry and stakeholders. Developing secure software systems when there is a high demand for software products from individuals as well as the organizations is in itself a big challenge for the designers and developers. Meanwhile, adopting traditional and informal learnings to address security issues of software products has made it easier for cyber-criminals to expose software vulnerabilities. Hence, it is imperative for the security practitioners to employ a symmetric mechanism so as to achieve the desired level of software security. In this context, a decision-making approach is the most symmetrical technique to assess the security of software in security tactics perspective. Since the security tactics directly address the quality attribute concerns, this symmetric approach will be highly effective in making the software systems more secure. In this study, the authors have selected three main attributes and fifteen sub-attributes at level 1 and level 2, respectively, with ten different software of an institute as alternatives. Furthermore, this study uses a fuzzy-based symmetrical decision-making approach to assess the security of software with respect to tactics. Fuzzy Analytic Network Process (F-ANP) is applied to evaluate the weights of criteria and fuzzy-Symmetrical technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) is used to determine impact of alternatives. The proposed symmetrical assessment in this study will be beneficial for both the designers and developers to categorize and prioritize the security attributes and understand the importance of security tactics during software development life cycle.https://www.mdpi.com/2073-8994/12/4/598software securitysymmetrical assessmentsecurity tacticsfuzzy logicfuzzy-ANPfuzzy-TOPSIS
collection DOAJ
language English
format Article
sources DOAJ
author Alka Agrawal
Adil Hussain Seh
Abdullah Baz
Hosam Alhakami
Wajdi Alhakami
Mohammed Baz
Rajeev Kumar
Raees Ahmad Khan
spellingShingle Alka Agrawal
Adil Hussain Seh
Abdullah Baz
Hosam Alhakami
Wajdi Alhakami
Mohammed Baz
Rajeev Kumar
Raees Ahmad Khan
Software Security Estimation Using the Hybrid Fuzzy ANP-TOPSIS Approach: Design Tactics Perspective
Symmetry
software security
symmetrical assessment
security tactics
fuzzy logic
fuzzy-ANP
fuzzy-TOPSIS
author_facet Alka Agrawal
Adil Hussain Seh
Abdullah Baz
Hosam Alhakami
Wajdi Alhakami
Mohammed Baz
Rajeev Kumar
Raees Ahmad Khan
author_sort Alka Agrawal
title Software Security Estimation Using the Hybrid Fuzzy ANP-TOPSIS Approach: Design Tactics Perspective
title_short Software Security Estimation Using the Hybrid Fuzzy ANP-TOPSIS Approach: Design Tactics Perspective
title_full Software Security Estimation Using the Hybrid Fuzzy ANP-TOPSIS Approach: Design Tactics Perspective
title_fullStr Software Security Estimation Using the Hybrid Fuzzy ANP-TOPSIS Approach: Design Tactics Perspective
title_full_unstemmed Software Security Estimation Using the Hybrid Fuzzy ANP-TOPSIS Approach: Design Tactics Perspective
title_sort software security estimation using the hybrid fuzzy anp-topsis approach: design tactics perspective
publisher MDPI AG
series Symmetry
issn 2073-8994
publishDate 2020-04-01
description Increasing the number of threats against software vulnerabilities and rapidly growing data breaches have become a key concern for both the IT industry and stakeholders. Developing secure software systems when there is a high demand for software products from individuals as well as the organizations is in itself a big challenge for the designers and developers. Meanwhile, adopting traditional and informal learnings to address security issues of software products has made it easier for cyber-criminals to expose software vulnerabilities. Hence, it is imperative for the security practitioners to employ a symmetric mechanism so as to achieve the desired level of software security. In this context, a decision-making approach is the most symmetrical technique to assess the security of software in security tactics perspective. Since the security tactics directly address the quality attribute concerns, this symmetric approach will be highly effective in making the software systems more secure. In this study, the authors have selected three main attributes and fifteen sub-attributes at level 1 and level 2, respectively, with ten different software of an institute as alternatives. Furthermore, this study uses a fuzzy-based symmetrical decision-making approach to assess the security of software with respect to tactics. Fuzzy Analytic Network Process (F-ANP) is applied to evaluate the weights of criteria and fuzzy-Symmetrical technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) is used to determine impact of alternatives. The proposed symmetrical assessment in this study will be beneficial for both the designers and developers to categorize and prioritize the security attributes and understand the importance of security tactics during software development life cycle.
topic software security
symmetrical assessment
security tactics
fuzzy logic
fuzzy-ANP
fuzzy-TOPSIS
url https://www.mdpi.com/2073-8994/12/4/598
work_keys_str_mv AT alkaagrawal softwaresecurityestimationusingthehybridfuzzyanptopsisapproachdesigntacticsperspective
AT adilhussainseh softwaresecurityestimationusingthehybridfuzzyanptopsisapproachdesigntacticsperspective
AT abdullahbaz softwaresecurityestimationusingthehybridfuzzyanptopsisapproachdesigntacticsperspective
AT hosamalhakami softwaresecurityestimationusingthehybridfuzzyanptopsisapproachdesigntacticsperspective
AT wajdialhakami softwaresecurityestimationusingthehybridfuzzyanptopsisapproachdesigntacticsperspective
AT mohammedbaz softwaresecurityestimationusingthehybridfuzzyanptopsisapproachdesigntacticsperspective
AT rajeevkumar softwaresecurityestimationusingthehybridfuzzyanptopsisapproachdesigntacticsperspective
AT raeesahmadkhan softwaresecurityestimationusingthehybridfuzzyanptopsisapproachdesigntacticsperspective
_version_ 1724811294902583296

Similar Items