Afsaneh Gilani - Department of computer, Karaj Branch, Islamic Azad University, Alborz
Nasser Modiri - Department of Electrical, Computer & IT, Zanjan Branch, Islamic Azad University, Zanjan
Alireza Nikravanshalmani - Department of computer, Karaj Branch, Islamic Azad University, Alborz

One of the main challenges of web-based applications is their security vulnerabilities, which are caused by the lack of concern for security issues in the lifecycle of software development. Therefore, concern for security requirements in the lifecycle of software development is one of the essential components of secure software development. Most software troubles are caused by the inappropriate design and development of the software. Almost 50% of security holes emerge in the software design phase. In this paper, the most important secure methods for software development and the characteristics of each method were discussed. Afterwards, using the discussed methods an approach was proposed based on the security requirements engineering for the development of secure web applications

Software security, Security Requirements Engineering, Secure Software Life Cycle, Secure Software Architecture and Design, Secure Software Implementation