Research Article
An Efficient Identification of Security Threats in Requirement Engineering Methodology
Table 10
Threats are prioritized based on their DREAD risk value.
| | Threat ID | Threat | DREAD value | Alleviated |
| | T1 | User give hostile structure query language (SQL) information | 10 | No | | T5 | Entering the DB | 10 | Yes | | T10 | ERP system crashing | 10 | Yes | | T4 | Exposing the user information | 9.2 | No | | T8 | Falsification of user information | 9.2 | No | | T6 | Hacking sign in page of the admin | 7.6 | Yes | | T9 | Removing the account of the user | 7.6 | Yes | | T12 | Entering without sign in | 7.6 | No | | T2 | Exposure of sign-in information | 6.6 | No | | T7 | Notification of message is blocked | 6.4 | Yes | | T11 | Unpermitted access | 5.2 | Yes | | T3 | Hack of session ID | 3.8 | No |
|
|
