Skip to main content

Integrating security design into the software development process for e-commerce systems

Buy Article:

$35.77 + tax (Refund Policy)

Development of Web-based e-commerce systems has posed challenges in different dimensions of the software development process including design, maintenance and performance. Non-functional requirements such as performance added to the system as an after thought would lead to extremely high cost and undesirable effects. Security, rarely regarded in the past as one of the non-functional requirements, has to be integrated into the software development process due to its impact on e-commerce systems. In this paper, a design methodology based on systems security engineering capability maturity model (SSE-CMM) is proposed to specify design details for the three defined processes: risk, engineering and assurance. By means of an object-oriented security design pattern, security design covering impact, threats, risks and countermeasures for different parts of an e-commerce system can be examined systematically in the risk process. The proposed software development process for secured systems (SDPSS), representing the engineering process, consists of four steps: object and collaboration modeling, tier identification, component identification and deployment specification. Selected unified modeling language notations and diagrams are used to support the SDPSS. Using a simplified supply-chain e-commerce system as an example, integration of security design into the software development process is shown with discussions of possible security assurance activities that can be performed on a design.
No Reference information available - sign in for access.
No Citation information available - sign in for access.
No Supplementary Data.
No Article Media
No Metrics

Keywords: Computer Security; Risk; Software Development

Document Type: Research Article

Publication date: 04 July 2001

  • Access Key
  • Free content
  • Partial Free content
  • New content
  • Open access content
  • Partial Open access content
  • Subscribed content
  • Partial Subscribed content
  • Free trial content
Cookie Policy
X
Cookie Policy
Ingenta Connect website makes use of cookies so as to keep track of data that you have filled in. I am Happy with this Find out more