Skip to main content

Integrating security design into the software development process for e-commerce systems

Buy Article:

$54.08 plus tax (Refund Policy)

Abstract:

Development of Web-based e-commerce systems has posed challenges in different dimensions of the software development process including design, maintenance and performance. Non-functional requirements such as performance added to the system as an after thought would lead to extremely high cost and undesirable effects. Security, rarely regarded in the past as one of the non-functional requirements, has to be integrated into the software development process due to its impact on e-commerce systems. In this paper, a design methodology based on systems security engineering capability maturity model (SSE-CMM) is proposed to specify design details for the three defined processes: risk, engineering and assurance. By means of an object-oriented security design pattern, security design covering impact, threats, risks and countermeasures for different parts of an e-commerce system can be examined systematically in the risk process. The proposed software development process for secured systems (SDPSS), representing the engineering process, consists of four steps: object and collaboration modeling, tier identification, component identification and deployment specification. Selected unified modeling language notations and diagrams are used to support the SDPSS. Using a simplified supply-chain e-commerce system as an example, integration of security design into the software development process is shown with discussions of possible security assurance activities that can be performed on a design.

Keywords: Computer Security; Risk; Software Development

Document Type: Research Article

DOI: http://dx.doi.org/10.1108/09685220110394758

Publication date: July 4, 2001

mcb/046/2001/00000009/00000003/art00002
dcterms_title,dcterms_description,pub_keyword
6
5
20
40
5

Access Key

Free Content
Free content
New Content
New content
Open Access Content
Open access content
Subscribed Content
Subscribed content
Free Trial Content
Free trial content
Cookie Policy
X
Cookie Policy
Ingenta Connect website makes use of cookies so as to keep track of data that you have filled in. I am Happy with this Find out more