A fuzzy TOPSIS based analysis toward selection of effective security requirements engineering approach for trustworthy healthcare software development

BACKGROUND: Today’s healthcare organizations want to implement secure and quality healthcare software as cyber-security is a significant risk factor for healthcare data. Considering security requirements during trustworthy healthcare software development process is an essential part of the quality s...

Descripción completa

Detalles Bibliográficos
Autores principales: Ansari, Md Tarique Jamal, Al-Zahrani, Fahad Ahmed, Pandey, Dhirendra, Agrawal, Alka
Formato: Online Artículo Texto
Lenguaje:English
Publicado: BioMed Central 2020
Materias:
Research Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7502023/
https://www.ncbi.nlm.nih.gov/pubmed/32948169
http://dx.doi.org/10.1186/s12911-020-01209-8
_version_ 1783584144299655168
author Ansari, Md Tarique Jamal
Al-Zahrani, Fahad Ahmed
Pandey, Dhirendra
Agrawal, Alka
author_facet Ansari, Md Tarique Jamal
Al-Zahrani, Fahad Ahmed
Pandey, Dhirendra
Agrawal, Alka
author_sort Ansari, Md Tarique Jamal
collection PubMed
description BACKGROUND: Today’s healthcare organizations want to implement secure and quality healthcare software as cyber-security is a significant risk factor for healthcare data. Considering security requirements during trustworthy healthcare software development process is an essential part of the quality software development. There are several Security Requirements Engineering (SRE) methodologies, framework, process, standards available today. Unfortunately, there is still a necessity to improve these security requirements engineering approaches. Determining the most suitable security requirements engineering method for trustworthy healthcare software development is a challenging process. This study is aimed to present security experts’ perspective on the relative importance of the criteria for selecting effective SRE method by utilizing the multi-criteria decision making methods. METHODS: The study was planned and conducted to identify the most appropriate SRE approach for quality and trustworthy software development based on the security expert’s knowledge and experience. The hierarchical model was evaluated by using fuzzy TOPSIS model. Effective SRE selection criteria were compared in pairs. 25 security experts were asked to response the pairwise criteria comparison form. RESULTS: The impact of the recognized selection criteria for effective security requirements engineering approaches has been evaluated quantitatively. For each of the 25 participants, comparison matrixes were formed based on the scores of their responses in the form. The consistency ratios (CR) were found to be smaller than 10% (CR = 9.1% < 10%). According to pairwise comparisons result; with a 0.842 closeness coefficient (Ci), STORE methodology is the most effective security requirements engineering approach for trustworthy healthcare software development. CONCLUSIONS: The findings of this research study demonstrate various factors in the decision-making process for the selection of a reliable method for security requirements engineering. This is a significant study that uses multi-criteria decision-making tools, specifically fuzzy TOPSIS, which used to evaluate different SRE methods for secure and trustworthy healthcare application development.
format Online
Article
Text
id pubmed-7502023
institution National Center for Biotechnology Information
language English
publishDate 2020
publisher BioMed Central
record_format MEDLINE/PubMed
spelling pubmed-75020232020-09-22 A fuzzy TOPSIS based analysis toward selection of effective security requirements engineering approach for trustworthy healthcare software development Ansari, Md Tarique Jamal Al-Zahrani, Fahad Ahmed Pandey, Dhirendra Agrawal, Alka BMC Med Inform Decis Mak Research Article BACKGROUND: Today’s healthcare organizations want to implement secure and quality healthcare software as cyber-security is a significant risk factor for healthcare data. Considering security requirements during trustworthy healthcare software development process is an essential part of the quality software development. There are several Security Requirements Engineering (SRE) methodologies, framework, process, standards available today. Unfortunately, there is still a necessity to improve these security requirements engineering approaches. Determining the most suitable security requirements engineering method for trustworthy healthcare software development is a challenging process. This study is aimed to present security experts’ perspective on the relative importance of the criteria for selecting effective SRE method by utilizing the multi-criteria decision making methods. METHODS: The study was planned and conducted to identify the most appropriate SRE approach for quality and trustworthy software development based on the security expert’s knowledge and experience. The hierarchical model was evaluated by using fuzzy TOPSIS model. Effective SRE selection criteria were compared in pairs. 25 security experts were asked to response the pairwise criteria comparison form. RESULTS: The impact of the recognized selection criteria for effective security requirements engineering approaches has been evaluated quantitatively. For each of the 25 participants, comparison matrixes were formed based on the scores of their responses in the form. The consistency ratios (CR) were found to be smaller than 10% (CR = 9.1% < 10%). According to pairwise comparisons result; with a 0.842 closeness coefficient (Ci), STORE methodology is the most effective security requirements engineering approach for trustworthy healthcare software development. CONCLUSIONS: The findings of this research study demonstrate various factors in the decision-making process for the selection of a reliable method for security requirements engineering. This is a significant study that uses multi-criteria decision-making tools, specifically fuzzy TOPSIS, which used to evaluate different SRE methods for secure and trustworthy healthcare application development. BioMed Central 2020-09-18 /pmc/articles/PMC7502023/ /pubmed/32948169 http://dx.doi.org/10.1186/s12911-020-01209-8 Text en © The Author(s) 2020 Open AccessThis article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/. The Creative Commons Public Domain Dedication waiver (http://creativecommons.org/publicdomain/zero/1.0/) applies to the data made available in this article, unless otherwise stated in a credit line to the data.
spellingShingle Research Article
Ansari, Md Tarique Jamal
Al-Zahrani, Fahad Ahmed
Pandey, Dhirendra
Agrawal, Alka
A fuzzy TOPSIS based analysis toward selection of effective security requirements engineering approach for trustworthy healthcare software development
title A fuzzy TOPSIS based analysis toward selection of effective security requirements engineering approach for trustworthy healthcare software development
title_full A fuzzy TOPSIS based analysis toward selection of effective security requirements engineering approach for trustworthy healthcare software development
title_fullStr A fuzzy TOPSIS based analysis toward selection of effective security requirements engineering approach for trustworthy healthcare software development
title_full_unstemmed A fuzzy TOPSIS based analysis toward selection of effective security requirements engineering approach for trustworthy healthcare software development
title_short A fuzzy TOPSIS based analysis toward selection of effective security requirements engineering approach for trustworthy healthcare software development
title_sort fuzzy topsis based analysis toward selection of effective security requirements engineering approach for trustworthy healthcare software development
topic Research Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7502023/
https://www.ncbi.nlm.nih.gov/pubmed/32948169
http://dx.doi.org/10.1186/s12911-020-01209-8
work_keys_str_mv AT ansarimdtariquejamal afuzzytopsisbasedanalysistowardselectionofeffectivesecurityrequirementsengineeringapproachfortrustworthyhealthcaresoftwaredevelopment
AT alzahranifahadahmed afuzzytopsisbasedanalysistowardselectionofeffectivesecurityrequirementsengineeringapproachfortrustworthyhealthcaresoftwaredevelopment
AT pandeydhirendra afuzzytopsisbasedanalysistowardselectionofeffectivesecurityrequirementsengineeringapproachfortrustworthyhealthcaresoftwaredevelopment
AT agrawalalka afuzzytopsisbasedanalysistowardselectionofeffectivesecurityrequirementsengineeringapproachfortrustworthyhealthcaresoftwaredevelopment
AT ansarimdtariquejamal fuzzytopsisbasedanalysistowardselectionofeffectivesecurityrequirementsengineeringapproachfortrustworthyhealthcaresoftwaredevelopment
AT alzahranifahadahmed fuzzytopsisbasedanalysistowardselectionofeffectivesecurityrequirementsengineeringapproachfortrustworthyhealthcaresoftwaredevelopment
AT pandeydhirendra fuzzytopsisbasedanalysistowardselectionofeffectivesecurityrequirementsengineeringapproachfortrustworthyhealthcaresoftwaredevelopment
AT agrawalalka fuzzytopsisbasedanalysistowardselectionofeffectivesecurityrequirementsengineeringapproachfortrustworthyhealthcaresoftwaredevelopment

Ejemplares similares