Ranking criteria based on fuzzy ANP for assessing E-commerce web sites

Rekik, Rim; Kallel, Ilhem; Alivmi, Adel M.

doi:10.1109/smc.2016.7844770

Cited by 8 publications

(14 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The attributes of react and recover from attacks are revoke access, lock computer, inform actors, maintain audit trail, and availability and are represented as F31, F32, F33,F34, and F35, respectively, in the tables given below. Software security assessment using fuzzy-ANP-TOPSIS has been examined by applying these Equations (1)- (20) as follows:…”

Section: Data Analysis and Resultsmentioning

confidence: 99%

“…Authors accumulated network structure to determine the weights of security attributes with respect to design tactics, using the data collected. Software development experts provided the answers by assigning scores according to the scale shown in Table 1 to the attributes that influenced each other in a measurable way [20]. First, views were taken from fifty academics and industry experts who had a wealth of expertise in security design and maintenance for each collection of attributes and related data.…”

Section: Methodsmentioning

confidence: 99%

“…Security tactics provide guidelines for the conformity of quality attributes and adoption of these guidelines will help the developers to develop secure and trustworthy systems. Attack detection, resist against attacks, react to attacks, and recovery from attacks is the main objective of security tactics [20].…”

Section: Software Security Tacticsmentioning

confidence: 99%

“…Moreover, repudiation is part of the STRIDE security threat model devised by IBM that maximizes its priority. The reaction to attacks and recovery from attacks are two separate sub-goals of security tactics [20]. However, in this study, these are taken together as a single attribute named "react and recover from attacks" because these two have a high level of dependency on each other, and after reacting to attacks we can achieve the recovery from attacks.…”

Section: Software Security Tacticsmentioning

confidence: 99%

“…TOPSIS is the best-known approach for alternative ranking in MCMD problems. The main idea of TOPSIS is that the best alternative among all competitive alternatives should be at the minimum distance from a positive ideal solution (PIS) and have maximum distance from negative ideal solution (NIS) [17][18][19][20][21].…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Software Security Estimation Using the Hybrid Fuzzy ANP-TOPSIS Approach: Design Tactics Perspective

et al. 2020

View full text Add to dashboard Cite

Increasing the number of threats against software vulnerabilities and rapidly growing data breaches have become a key concern for both the IT industry and stakeholders. Developing secure software systems when there is a high demand for software products from individuals as well as the organizations is in itself a big challenge for the designers and developers. Meanwhile, adopting traditional and informal learnings to address security issues of software products has made it easier for cyber-criminals to expose software vulnerabilities. Hence, it is imperative for the security practitioners to employ a symmetric mechanism so as to achieve the desired level of software security. In this context, a decision-making approach is the most symmetrical technique to assess the security of software in security tactics perspective. Since the security tactics directly address the quality attribute concerns, this symmetric approach will be highly effective in making the software systems more secure. In this study, the authors have selected three main attributes and fifteen sub-attributes at level 1 and level 2, respectively, with ten different software of an institute as alternatives. Furthermore, this study uses a fuzzy-based symmetrical decision-making approach to assess the security of software with respect to tactics. Fuzzy Analytic Network Process (F-ANP) is applied to evaluate the weights of criteria and fuzzy-Symmetrical technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) is used to determine impact of alternatives. The proposed symmetrical assessment in this study will be beneficial for both the designers and developers to categorize and prioritize the security attributes and understand the importance of security tactics during software development life cycle.

show abstract

Section: Data Analysis and Resultsmentioning

confidence: 99%

Section: Methodsmentioning

confidence: 99%

Section: Software Security Tacticsmentioning

confidence: 99%

Section: Software Security Tacticsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations