Abstract: Generally, software security can be regarded as one of the most important issues in software engineering field since it may affect the software product effectiveness due to the various technological vulnerabilities and menaces. Most traditional software security approaches provide security activities through the software development lifecycle (SDLC) from requirements to design, implementation, testing and deployment. This paper focuses on embedding security concerns in the software development lifecycle (SDLC) using a bottom-up approach that is based on case based reasoning (CBR) paradigm. Thus, we study three high security-focusing cases for software projects, namely “e-shop”, “Mobiling” and “intranet” using a structured case study method. Then, we populate these three cases in the proposed framework that is an excerpt of the case project base. Furthermore, this paper identifies the specificity of each case, discusses completeness of the proposed framework and proposes suggestions for improvement. Finally, usages scenarios are defined sustaining the use of the proposed framework.

Ikram Elrhaffari and Ounsa Roudies, “Capturing Software Security Practices using CBR: Three Case Studies” International Journal of Advanced Computer Science and Applications(IJACSA), 10(11), 2019. http://dx.doi.org/10.14569/IJACSA.2019.0101159

@article{Elrhaffari2019,
title = {Capturing Software Security Practices using CBR: Three Case Studies},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2019.0101159},
url = {http://dx.doi.org/10.14569/IJACSA.2019.0101159},
year = {2019},
publisher = {The Science and Information Organization},
volume = {10},
number = {11},
author = {Ikram Elrhaffari and Ounsa Roudies}
}