Process of Security Assurance Technique for Application Functional Logic in E-Commerce Systems
Article Title | Process of Security Assurance Technique for Application Functional Logic in E-Commerce Systems |
---|---|
Article Category | Article |
Authors | Nabi, Faisal (Author), Yong, Jianming (Author), Tao, Xiaohui (Author), Malhi, Muhammad Saqib (Author), Farhan, Muhammad (Author) and Mahmood, Umar (Author) |
Journal Title | Journal of Information Security |
Journal Citation | 12 (3), pp. 189-211 |
Article Number | 1 |
Number of Pages | 23 |
Year | 2021 |
Place of Publication | United States |
Digital Object Identifier (DOI) | https://doi.org/10.4236/jis.2021.123010 |
Web Address (URL) | https://www.scirp.org/journal/paperinformation.aspx?paperid=109083 |
Abstract | Security practices such as Audits that often focus on penetration testing are performed to find flaws in some types of vulnerability & use tools, which have been tailored to resolve certain risks based on code errors, code conceptual assumptions bugs, etc. Most existing security practices in e-Commerce are dealt with as an auditing activity. They may have policies of security, which are enforced by auditors who enable a particular set of items to be reviewed, but also fail to find vulnerabilities, which have been established in compliance with application logic. In this paper, we will investigate the problem of business logic vulnerability in the component-based rapid development of e-commerce applications while reusing design specification of component. We propose secure application functional processing Logic Security technique for component-based e-commerce application, based on security requirement of e-business process and security assurance logical component behaviour specification approach to formulize and design a solution for business logic vulnerability phenomena. |
Keywords | Business Logic Design Flaws, Components Integration Flaws, E-Commerce System, Assurance & Security, Model Based Design, Business Logic Attacks, Attack Pattern |
Contains Sensitive Content | Does not contain sensitive content |
ANZSRC Field of Research 2020 | 460406. Software and application security |
Byline Affiliations | School of Management and Enterprise; School of Sciences; Melbourne Institute of Technology |
Institution of Origin | University of Southern Queensland |
https://research.usq.edu.au/item/q655z/process-of-security-assurance-technique-for-application-functional-logic-in-e-commerce-systems