Security Attributes Overview

This section defines the quality attributes that are most relevant to the security dimension of the software.

Availability

We define "Available" as the Web site being online and accepting requests. This implies that the application server, cache server, database server, and job server are all running.

The Availability requirements define our availability targets, downtime handling and reporting, scheduled maintenance windows, and other relevant requirements.

The Confidentiality requirements define our intent to keep both customer and administrator PII safeguarded from unauthorised disclosure. Additionally, this section covers constraints from GDPR, CCA, and other regulations.

Integrity

The Integrity requirements define anti-malware and identity verification requirements, and how the system will ensure data contained within stays consistent.

Observability

The Observability requirements define how the system will report events to external systems, and track both security- and performance-critical data.

Mall on Rails: Software Quality Specification

Security Attributes Overview

Availability

Confidentiality

Integrity

Observability