Skip to Main Content
Retrofitting security requirement into an existing system tends to result in less wanted qualities. So, it is a preferred practice to design with security in mind right from the beginning of the development process. An NFR framework has been established to incorporate non-functional requirements (NFRs) (L. Chung et al., 2000) that are crucial to secure system design into the development process. In this paper, we propose a methodology that utilizes the NFR framework to come up with secure design by selecting security design patterns for the domain specific application such as e-commerce system.