Fuzzy logic based decision support system for component security evaluation

Software components are imperative parts of a system which play a fundamental role in the overall function of a system. A component is said to be secure if it has a towering scope of security. Security is a shield for unauthorized use as unauthorized users may informally access and modify components within a system. Such accessing and modifications ultimately affect the functionality and efficiency of a system. With an increase in software development activities security of software components is becoming an important issue. In this study, a fuzzy logic based model is presented to handle ISO/IEC 18028-2 security attributes for component security evaluation. For this purpose an eight input, single output model based on the Mamdani fuzzy inference system has been proposed. This component security evaluation model helps software engineers during component selection in conditions of uncertainty and ambiguity.

[1]  Ahmet Çelik,et al.  A fuzzy approach to define sample size for attributes control chart in multistage processes: An application in engine valve manufacturing process , 2008, Appl. Soft Comput..

[2]  Kam-Fai Wong,et al.  Component-Based Embedded Software Engineering: Development Framework, Quality Assurance and a Generic Assessment Environment , 2002, Int. J. Softw. Eng. Knowl. Eng..

[3]  Khaled M. Khan,et al.  A scenario based security characterisation of software components , 2000 .

[4]  Tinghua Wang,et al.  Network forensics based on fuzzy logic and expert system , 2009, Comput. Commun..

[5]  Tae-Sun Choi,et al.  Estimation and optimization based ill-posed inverse restoration using fuzzy logic , 2012, Multimedia Tools and Applications.

[6]  Gwanggil Jeon,et al.  Application for deinterlacing method using edge direction classification and fuzzy inference system , 2010, Multimedia Tools and Applications.

[7]  Khaled M. Khan,et al.  Security Properties of Software Components , 1999, ISW.

[8]  Li Gong,et al.  Secure software architectures , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[9]  Punam Bedi,et al.  A step towards Secure Software System using fuzzy logic , 2010, 2010 2nd International Conference on Computer Engineering and Technology.

[10]  S. Nazir,et al.  A Novel Fuzzy Logic Based Software Component Selection Modeling , 2012, 2012 International Conference on Information Science and Applications.

[11]  U. Chandrashekhar,et al.  Challenges of Securing an Enterprise and Meeting Regulatory Mandates , 2006, Networks 2006. 12th International Telecommunications Network Strategy and Planning Symposium.

[12]  Gary McGraw,et al.  An Approach for Certifying Security in Software Components , 1998 .

[13]  Mehran Mohsenzadeh,et al.  Proposed platform for improving grid security by trust management system , 2009, ArXiv.

[14]  Thomson Fredrick,et al.  The fuzzy logic based ECA rule processing for XML databases , 2015, Int. Arab J. Inf. Technol..

[15]  Cheol-Jung Yoo,et al.  Component Contract-Based Interface Specification Technique Using Z , 2002, Int. J. Softw. Eng. Knowl. Eng..

[16]  Khaled M. Khan,et al.  A security characterisation framework for trustworthy component based software systems , 2003, Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003.

[17]  Sher Afzal Khan,et al.  A Novel Rules Based Approach for Estimating Software Birthmark , 2015, TheScientificWorldJournal.

[18]  P.S. Sandhu,et al.  A Neuro-Fuzzy Based Software Reusability Evaluation System with Optimized Rule Selection , 2006, 2006 International Conference on Emerging Technologies.

[19]  Lotfi A. Zadeh,et al.  Fuzzy Logic , 2009, Encyclopedia of Complexity and Systems Science.