Designing a Framework Method for Secure Business Application Logic Integrity in e-Commerce Systems
International Journal of Network Security
12 (1), pp. 29-41
Jalaxy Technology Co. Ltd.
Currently, e-commerce system security focuses on mechanisms such as secure transactional protocols, cryptographic schemes and parameter sanitization, and it is assumed that putting these in place will guarantee a secure e-Commerce application. However, vulnerabilities in the business application logic itself are often ignored, and these can render such security mechanisms null and void. Essentially, the weakest link can be at the server rather than the client, and developers ignore this at their peril. This paper focuses on this weakest link in e-commerce systems. In particular, it considers component-based middleware platforms where vulnerabilities may exist in the middleware itself or in the components used to construct the e-Commerce application. We outline logic attacks that would not be prevented by deploying the mechanisms commonly used in e-Commerce systems. To counter this problem, we present a secure framework method, based on existing techniques, that treats security as a first-class concept and considers its interaction with business logic.
CBS; Design flaws; e-commerce system; Integrity; Logical attacks; Logical flaws; Software flaws
Hazraat Baba Bullah Shah Research Center, Pakistan