ONTOLOGY DESIGN AND MAPPING FOR BUILDING SECURE E-COMMERCE SOFTWARE

Esmiralda Moradian, Anne Håkansson

2012

Abstract

Developers are struggling with the challenging task of producing secure e-commerce software. Nonetheless, software insecurity remains an issue for e-commerce organisations. Software engineers are expected to possess knowledge in the software engineering area as well as in security. In addition, they are required to understand and correctly identify the relationships between security concepts. However, developers commonly lack this knowledge and, consequently, security is often omitted during the engineering process. To support developers in facing this challenge, we use ontology-based techniques for structuring and representing security knowledge. Categorization according to the security properties of confidentiality, integrity, and availability is needed to provide a holistic view of the security requirements, assets, security threats, and security controls. Moreover, we propose mapping different security ontologies to provide traceability. For this purpose, we use meta-agents and software agents in a multi-agent system. We present a development scenario of an electronic invoice presentment system, in which we demonstrate how the use of ontologies in combination with a multi-agent system can improve the security of e-commerce software systems.



Paper Citation


in Harvard Style

Moradian E. and Håkansson A. (2012). ONTOLOGY DESIGN AND MAPPING FOR BUILDING SECURE E-COMMERCE SOFTWARE. In Proceedings of the 8th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-989-8565-08-2, pages 167-173. DOI: 10.5220/0003938901670173


in Bibtex Style

@conference{webist12,
author={Esmiralda Moradian and Anne Håkansson},
title={ONTOLOGY DESIGN AND MAPPING FOR BUILDING SECURE E-COMMERCE SOFTWARE},
booktitle={Proceedings of the 8th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST},
year={2012},
pages={167-173},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003938901670173},
isbn={978-989-8565-08-2},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 8th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST
TI - ONTOLOGY DESIGN AND MAPPING FOR BUILDING SECURE E-COMMERCE SOFTWARE
SN - 978-989-8565-08-2
AU - Moradian E.
AU - Håkansson A.
PY - 2012
SP - 167
EP - 173
DO - 10.5220/0003938901670173