Open Access

ARTICLE

Managing Software Security Risks through an Integrated Computational Method

Abdullah Alharbi¹, Wael Alosaimi¹, Hashem Alyami², Mohd Nadeem³, Mohd Faizan³, Alka Agrawal³, Rajeev Kumar^3,4,*, Raees Ahmad Khan³

1 Department of Information Technology, College of Computers and Information Technology, Taif University, P. O. Box 11099, Taif 21944, Saudi Arabia
2 Department of Computer Science, College of Computers and Information Technology, Taif University, P. O. Box 11099, Taif 21944, Saudi Arabia
3 Department of Information Technology, Babasaheb Bhimrao Ambedkar University, Lucknow, 226025, India
4 Department of Computer Application, Shri Ramswaroop Memorial University, Lucknow, 225003, India

* Corresponding Author: Rajeev Kumar. Email:

Intelligent Automation & Soft Computing 2021, 28(1), 179-194. https://doi.org/10.32604/iasc.2021.016646

Received 07 January 2021; Accepted 07 February 2021; Issue published 17 March 2021

Abstract

Security risk evaluation of web-based healthcare applications is important from a design perspective. The developers as well as the users need to make sure that the applications must be secure. Citing the disastrous effects of unsecured web applications, Accuntix Online states that the IT industry has lost millions of dollars due to security theft and malware attacks. Protecting the integrity of patients’ health data is of utmost importance. Thus, assessing the security risk of web-based healthcare applications should be accorded the highest priority while developing the web applications. To fulfill the security requirements, the developers must meticulously follow the Multi-Criteria Decision-Making (MCDM) methodology in the assortment of the most effective procedure for security assessment right from the developmental phase of the application. To address the security-related issues in web-based healthcare applications, we have followed the fuzzy-based integrated technique to assess the security risk of web-based healthcare applications. Further, the integrated technology is the combination of Analytic Hierarchy Process (F-AHP) and Technique for Order of Preference by Similarity to Ideal Solution (F-TOPSIS) techniques. The F-AHP approach gives the weights of the factors. We classified the risks into two-levels, Level one had the safety measures factors such as access control, integrity, confidentiality, and, authentication. We selected ten different web-based healthcare applications as alternatives. The calculations based on the proposed methodology ranked the pattern system for access control to be the most prioritized attribute. The outcomes of the study and the procedure used in this assessment would support future research and specialists’ initiatives in organizing web applications through advanced supportable safety and security.

---

Keywords

---

Citations