Security Quantification Model Suhel Ahmad Khan (1), , Raees Ahmad Khan (2) (1) Department of Information Technology.Babasaheb Bhimrao Ambedkar University (A Central University),Lucknow,UP (India) E-mail: ahmadsuhel28@gmail.Com (2) Department of Information Technology.Babasaheb Bhimrao Ambedkar University (A Central University),Lucknow, UP (India) E-mail: khanraees@yahoo.Com ABSTRACT Software security estimation is the valuable technique of understanding for improving, guiding and controlling security integration at design phase. It is required to assess performance and degree of protection using security attrib- utes including confidentiality, integrity and availability. The assessment of se- curity using model is more appropriate and its validation signifies the valid im- pact. The security quantification model is developed by multiple regression technique using design complexity as a key factor. The applied statistical analysis on this study concludes its statistical significance. Keywords: Object Oriented Design Constructs, Software Security, Security Quantification, Security Quantification Model 1- INTRODUCTION The increasing frequency of computer users is a real indication of e- development. Internet offers e-commerce facility easily at your place just a click distance from your computer. With the advancement of technology, the security has become a major concern. One of the biggest challenge, to protect the technical privileges of users form intruders or information hackers. A secu- rity report of Secunia reveals that 50% of the users are exposed to more than 297 security vulnerabilities over a year [1]. The growing size and connectivity of system through internet attract malicious attacks. It is not necessarily that complex system is more secure, because enough complexity makes system hard to understand and difficult to analyze. The most challenging issue for complex system is hidden risk factor which takes more time to reveal its re- percussions. For a large system, bugs can‟t be avoided. So it provides more avenues for attacks. It is proved that security cannot be achieved only with the help of firewalls, antivirus etc. Developing secure software is a must to achieve secure soft- ware. Software development team is faced with the challenge of integrating security within the development life cycle to deliver secure software. Everyone involved in software development, deployment, or procurement understands the need for and importance of incorporating security; but unfortunately, one is unaware of the concepts of security and its implementation. It has been re- vealed that design flaws and errors are normally the main cause of security holes that are explored by attackers. It has been proved by the security ex- Security Quantification Model Khan and Khan 75