..............................
            ..............................
            ..............................
            
Fuzzy Logic based Decision Support System for
        
        Software  components  are  imperative  parts  of  a  system  which  play  a  fundamental  role  in  the  overall  function  of a 
system.  A  component  is  said  to  be  secure  if  it  has a  towering  scope  of  security. Security  is a shield  for  unauthorized  use as 
unauthorized  users  may  informally  access  and  modify  components  within  a  system.  Such  accessing  and  modifications 
ultimately  affect  the  functionality  and  efficiency  of a system.  With an increase  in  software  development  activities  security  of 
software  components is becoming an important issue. In this study, a fuzzy  logic  based model  is presented to handle ISO/IEC 
18028-2  security  attributes  for  component  security  evaluation.  For  this  purpose  an  eight input,  single output  model based  on 
the  Mamdani  fuzzy  inference  system  has  been  proposed. This component  security  evaluation model helps software  engineers 
during component selection in conditions of uncertainty and ambiguity.    
            [1] Bilal M., Hussain A., Jaffar M., Choi T., and Mirza A., Estimation and Optimization Based ill-posed Inverse Restoration using Fuzzy Logic, Multimedia Tools and Applications, vol. 69, no. 3, pp. 1067-1087, 2014.
[2] Cai X., Lyu R., and Wong K., Component- Based Embedded Software Engineering: Development Framework, Quality Assurance and A Generic Assessment Environment, International Journal of Software Engineering and Knowledge Engineering, vol. 12, no. 2, pp. 107-133, 2002.
[3] Engina O., elika A., and Kaya ., A fuzzy Approach to Define Sample Size for Attributes Control Chart in Multistage Processes: An Application in Engine Valve Manufacturing Process, Applied Soft Computing, vol. 8, no. 4, pp. 1654-1663, 2008.
[4] Fredrick T. and Radhamani G., The Fuzzy Logic Based ECA Rule Processing for XML Databases, The International Arab Journal of Information Technology, vol. 12, no. 6A, pp. 635-641, 2015.
[5] Gandotra V., Singhal A., and Bedi P., A Step Towards Secure Software System using Fuzzy logic, in proceedings of 2nd International Conference on Computer Engineering and Technology, Chengdu, pp. 427-432, 2010.
[6] Ghosh A. and McGraw G., An Approach for Certifying Security in Software Components, in Proceedings of 21st National Information Systems Security Conference, National Institute, Standards and Technology, pp. 82-86, 1998.
[7] Jeon G., Park S., Fang Y., Lee R., and Jeong J., Application for Deinterlacing Method using Edge Direction Classification and Fuzzy Inference System, Multimedia Tools and Applications, vol. 59, no. 1, pp. 149-168, 2012.
[8] Khan K., Han J., and Zheng Y., Security Properties of Software Components, in Proceedings of International Workshop on Information Security, Kuala Lumpur, pp. 52-56, 1999.
[9] Khan K. and Han J., A Security Characterisation Framework for Trustworthy Component Based Software Systems, in Proceedings of the 27th Annual International Computer Software and Applications Conference, Dallas, pp. 164 - 169, 2003.
[10] Khan K., Han J., and Zheng Y., A Scenario Based Security Characterisation of Software Components, in Proceedings of the 3rd Australasian Workshop on Software and System Architectures, Sydney, pp. 55-63, 2000.
[11] Lee J., Yoo C., and Chang O., Component Contract-Based Interface Specification Technique using Z, International Journal of Software Engineering and Knowledge Engineering, vol. 12, no. 4, pp. 453-469, 2002.
[12] Liao N., Tian S., and Wang T., Network Forensics based on Fuzzy Logic and Expert System, Computer Communications, vol. 32, no. 17, pp. 1881-1892, 2009.
[13] Lofti A., Fuzzy Logic, Computer, vol. 21, no. 4, pp. 83-93, 1988.
[14] Moriconi M., Qian X., Riemenschneider R., and Gong L., Secure Software Architectures, IEEE Symposium on Security and Privacy, CA, pp. 84- 93, 1997.
[15] Nazir S., Khan M., Anwar S., Khan H., and Nazir M., A Novel Fuzzy Logic Based Software Component Selection Modeling, in Proceedings of International Conference on Information Science and Applications, Suwon, pp. 1-6, 2012.
[16] Nazir S., Shahzad S., Khan S., Alias N., and Anwar S., A Novel Rules Based Approach for Estimating Software Birthmark, The Scientific World Journal, vol. 2015, pp. 1-8, 2015.
[17] Rawashdeh A. and Matalkah B., A New Software Quality Model for Evaluating COTS Components, Journal of Computer Science, vol. 2, no. 4, pp. 373-381, 2006.
[18] Sandhu P. and Singh H., A neuro-fuzzy based Software Reusability Evaluation System with Optimized Rule Selection, in Proceedings of International Conference on Emerging Technologies, Peshawar, pp. 664-669, 2006.
[19] Siadat S., Rahmani A., and Mohsenzadeh M., Proposed Platform for Improving Grid Security by Trust Management System, Computer Science and Information Security, vol. 6, no.1, pp. 143-148, 2009.
[20] Sabnis S., Chandrashekhar U., and Bastry F., Challenges of Securing an Enterprise and Meeting Regulatory Mandates, in Proceedings of the 12th International Telecommunications Network Strategy and Planning Symposium, New Delhi, pp. 1-6, 2006. Fuzzy Logic based Decision Support System for Component Security Evaluation 231 Shah Nazir did PhD in Computer Science with specialization in Software Engineering from University of Peshawar. He has more than 20 research publications in well reputed international Journals and conference proceedings. He is serving at the University of Peshawar, Pakistan. Sara Shahzad has a Ph.D. in Agile Software Development Processes with an interest towards Software Process Improvement. She is running Software Engineering research group at the department of Computer Science, University of Peshawar. Currently, she is working in the areas of software quality, reverse engineering, and empirical Software Engineering research with a focus on Software Engineering Education. Saeed Mahfooz has done his Ph.D. from Liverpool John Moore University, Liverpool, UK in Distributed Multimedia Systems in 2001. Before that he has done MS from WIU Arizona State, USA in 1990. His research interest includes QoS Architectures, QoS Routing, Network Protocols, IPv6, Cloud Computing, Wireless Networks, MANETs, future Internet architecture and Next Generation Networks. He is also heading the Computer Networks Research Group at Department of Computer Science, University of Peshawar. He is also member of IEEE and currently he is head of the Computer Science Department, University of Peshawar. Muhammad Nazir did his MSc in Computer Science from University of Peshawar. Currently he is enrolled in MS Computer Science program with specialization in the field of databases.
