Authors: Rattikorn Hewett 1 ; Phongphun Kijsanayothin 1 and Meinhard Peters 2

Affiliations: 1 Texas Tech University, United States ; 2 The University of Johannesburg, South Africa

Keyword(s): Risk assessment, computer security, software design, web-based systems.

Related Ontology Subjects/Areas/Topics: e-Business and e-Commerce ; Internet Technology ; Society, e-Business and e-Government ; Web Information Systems and Technologies ; Web Security and Privacy ; Web Services and Web Engineering

Abstract: Web-based information systems play increasingly important roles in providing functions and business services for many organizations. Because of their ubiquitous nature, dealing with a huge and diverse population of users, web applications must be tolerant to errors, adverse interactions and malicious attacks. The ability to quickly estimate security risks early in the system development life cycle can be beneficial in making various decisions. This is particularly crucial for large and complex web applications that are asset-critical and evolve rapidly through long life cycles. This paper presents a systematic approach for the automated assessment of security risks, at the design stage, of web-based information systems. The approach combines risk concepts in reliability engineering with heuristics using characteristics of software and hardware deployment design to estimate security risks of the system to be developed. It provides a simple early estimate of security risks that can help locate high-risk software components. We discuss limitations of the approach and give an illustration in an industrial engineering and business-to-business domain using a case study of a web-based material requirements planning system for a manufacturing enterprise.

CC BY-NC-ND 4.0

Paper citation in several formats:
Hewett, R.; Kijsanayothin, P. and Peters, M. (2007). SECURITY RISK ANALYSIS IN WEB APPLICATION DESIGN. In Proceedings of the Third International Conference on Web Information Systems and Technologies - Volume 2: WEBIST; ISBN 978-972-8865-77-1; ISSN 2184-3252, SciTePress, pages 28-35. DOI: 10.5220/0001266700280035

@conference{webist07,
author={Rattikorn Hewett and Phongphun Kijsanayothin and Meinhard Peters},
title={SECURITY RISK ANALYSIS IN WEB APPLICATION DESIGN},
booktitle={Proceedings of the Third International Conference on Web Information Systems and Technologies - Volume 2: WEBIST},
year={2007},
pages={28-35},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001266700280035},
isbn={978-972-8865-77-1},
issn={2184-3252},
}

TY - CONF

JO - Proceedings of the Third International Conference on Web Information Systems and Technologies - Volume 2: WEBIST
TI - SECURITY RISK ANALYSIS IN WEB APPLICATION DESIGN
SN - 978-972-8865-77-1
IS - 2184-3252
AU - Hewett, R.
AU - Kijsanayothin, P.
AU - Peters, M.
PY - 2007
SP - 28
EP - 35
DO - 10.5220/0001266700280035
PB - SciTePress