3.6.2 Availability This should specify the factors required to guarantee a defined availability level for the entire system
such as checkpoint, recovery, and restart
. Example •
System should be available for 7 days and 24 hours. •
In the application side, system should be tested against probable failures before publishing the first version or updated versions of application. Published version should be error free •
In database side, in case of a failure, system should recover any information for user and system. 3.6.3 Security This should specify the factors that protect the software from accidental or malicious access, use,
modification, destruction, or disclosure. Specific requirements in this area could include the need to
a)
Utilize certain crypto-graphical techniques
b)
Keep specific log or history data sets
c)
Assign certain functions to different modules
d)
Restrict communications between some areas of the program
e)
Check data integrity for critical variables
Example •
The system must not request unnecessary permissions from the user in order to prevent unwanted attacks. •
Stored data of the application should not be reached by other applications that are installed in the user’s mobile device. •
Stored data in the mobile device and sent data via internet should be encrypted. Sent and received data should be transferred via HTTPS connection. And also authenticated and encrypted socket-level communication should be implemented. 3.6.4
