Security aspects in modern service component‑oriented application logic for social e‑commerce systems
Article Title | Security aspects in modern service component‑oriented application logic for social e‑commerce systems |
---|---|
ERA Journal ID | 201501 |
Article Category | Article |
Authors | Nabi, Faisal (Author), Yong, Jianming (Author) and Tao, Xiaohui (Author) |
Journal Title | Social Network Analysis and Mining |
Journal Citation | 11 (1) |
Article Number | 22 |
Number of Pages | 19 |
Year | 2021 |
Place of Publication | Austria |
ISSN | 1869-5450, 1869-5469 |
Digital Object Identifier (DOI) | https://doi.org/10.1007/s13278-020-00717-9 |
Web Address (URL) | https://link.springer.com/article/10.1007/s13278-020-00717-9 |
Abstract | Modern practices in social commerce are a subset of e-Commerce focusing on security framework protocols such as secure transactional protocols, cryptographic schemes, and sanitization criteria. It is assumed that these practices will ensure stable social media-based e-Commerce applications. The main concern in utilizing these practices focuses on software component composition, and integration flaws, which are often overlooked in their business application logic. These problems can render the effect of modern information security concepts null and void. The weakest link in social media-based e-Commerce applications is the component’s logic subversion on its server side, which is caused by developers overlooking the design process. This paper addresses a unique issue in aspects of information security in application logic vulnerability called subversion attack, which can be classified as a design flaw. This kind of security flaw cannot be prevented by many traditional security mechanisms commonly used in modern e-Commerce systems. To address this issue, we propose the use of security assurance methodologies in service component-oriented applications to be utilized through threat modeling and a novel technique component fault detection model. This idea is further extended to the modeling component and its applications using a UML secure design approach. To validate the technique, the methods applied in this paper are verification and validation for security by design testing to avoid the business logic design flaw problem in rapidly built component-based social media e-Commerce applications. |
Keywords | design flaws, subversion attack, social media-based e-commerce system, service component architecture, assurance & security, UML-based modelling, business logic attacks |
ANZSRC Field of Research 2020 | 460406. Software and application security |
Public Notes | Files associated with this item cannot be displayed due to copyright restrictions. |
Byline Affiliations | School of Business; School of Sciences |
Institution of Origin | University of Southern Queensland |
https://research.usq.edu.au/item/q641q/security-aspects-in-modern-service-component-oriented-application-logic-for-social-e-commerce-systems