In this section, you will focus on functional [data security] requirements and the design of the SaaS. You should focus on requirements that ensure end-to-end protection of data in transit. One...

Secure Quality Requirements Engineering (SQUARE) methodology is a process that software development teams use to determine and prioritize security requirements from stakeholders on the basis of goals of the system. The methodology is decomposed into nine discreet steps. The steps are described as
1. The stakeholders and software development team are required to agree on definitions. These definitions shall be used throughout the elicitation process. Security controls are negotiated into contracts for service where privacy issues are dealt legally. These include software development lifecycle, compliance, application security architecture, vulnerabilities and tools and services.
2. Security goals are identified. Requirement engineers team along with the stakeholders identify the assets and security goals for the system. Security threats are examined by understanding the application security goals which is done by categorizing them into business goals and individual goals. These goals are considered from the beginning of the SQUARE process and include authentication, authorization, auditing, confidentiality, integrity and availability.
3. Artifacts are developed in the third step. Security goals identified in the second step are used by the requirements engineering team to define security requirements. It...