Software Security Requirement Engineering for Risk and Compliance Management
D. Kavitha¹, S. Ravikumar²

¹ D. Kavitha*, Department of Computer Science and Engineering, SRM Valliammai Engineering College, Chennai, India.
² S. Ravikumar, Department of Information Technology, SRM Valliammai Engineering College, Chennai, India.

Manuscript received on March 03, 2021. | Revised Manuscript received on March 11, 2021. | Manuscript published on March 30, 2021. | PP: 11-17 | Volume-10 Issue-5, March 2021 | Retrieval Number: 100.1/ijitee.E86280310521 | DOI: 10.35940/ijitee.E8628.0310521
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)

Abstract: The objective of this research work is to propose a software-based security requirement engineering model using categorical and morphism theory. Earlier security requirement engineering models focus on different viewpoints on parallel processing and develop rewrite-based, knowledge-centred models, but do not include different functional mappings between the security objects to select the best strategy. These security models have not considered the security functions that need to be implemented in different environments with different levels of execution. The proposed requirement engineering model is based on the formal theory of categories of objects and the morphisms between them, in addition to n categories and multiple morphisms used to organize the security requirement functional objects of different categories. The on-demand security requirement objects, the morphisms and the uncertain events in any one of the subsystems are considered in order to manage this security requirement category as an algebraic data type. Classification and clustering of the security requirement objects are applied implicitly through the formation of categories and morphisms. Risks and compliances, in the form of both direct and indirect categories, are mapped so as to provide security assurance functors with minimum risk on the requirements passed to the next design state. An 'n' category and 'n' morphic model for software security requirements is proposed, aiming at minimum security risk through efficient compliance management techniques.
Keywords: Categorical Theory, Security Objects, Requirement Morphisms, Functions and Functors, Compliance Management.