Secure business application logic for e-commerce systems

Article

Nabi, Faisal. 2005. "Secure business application logic for e-commerce systems." Computers and Security. 24 (3), pp. 208-217. https://doi.org/10.1016/j.cose.2004.08.008

Article Title	Secure business application logic for e-commerce systems
ERA Journal ID	17813
Article Category	Article
Authors	Nabi, Faisal
Journal Title	Computers and Security
Journal Citation	24 (3), pp. 208-217
Number of Pages	10
Year	2005
Place of Publication	United Kingdom
ISSN	0167-4048
	1872-6208
Digital Object Identifier (DOI)	https://doi.org/10.1016/j.cose.2004.08.008
Web Address (URL)	https://www.sciencedirect.com/science/article/pii/S0167404804002123
Abstract	The major reason why most people are still sceptical about e-commerce is the perceived security and privacy risks associated with e-transactions, e.g., data, smart cards, credit cards and exchange of business information by means of online transactions. Today, vendors of e-commerce systems have relied solely on secure transaction protocols such as SSL, while ignoring the security of server and client software. This article, Secure Business Application Logic for e-commerce Systems, discusses a key weak link in e-commerce systems: the business application logic. Although the security issues of the front-end and back-end software systems in e-commerce application warrant equal attention, but this research focuses on the Security of Middle Tier of e-commerce server that implements the business application logic and traditionally, e-commerce sites implemented the middle tier of software on the web server using CGI. We also present strategies for secure business application logic: good design and engineering, secure configuration, defensive programming and secure wrappers for server-side software. © 2004 Elsevier Ltd. All rights reserved.
Keywords	Business application logic; CGI scripts; Client trust; E-commerce; Privacy; Security; SSL
Public Notes	There are no files associated with this item.
Byline Affiliations	University of Luton, United Kingdom
	Library Services

Permalink -

https://research.usq.edu.au/item/wz7w3/secure-business-application-logic-for-e-commerce-systems

60
total views
0
total downloads
4
views this month
0
downloads this month

Export as

Related outputs

Process of Security Assurance Technique for Application Functional Logic in E-Commerce Systems

Nabi, Faisal, Yong, Jianming, Tao, Xiaohui, Malhi, Muhammad Saqib, Farhan, Muhammad and Mahmood, Umar. 2021. "Process of Security Assurance Technique for Application Functional Logic in E-Commerce Systems." Journal of Information Security. 12 (3), pp. 189-211. https://doi.org/10.4236/jis.2021.123010

Security aspects in modern service component‑oriented application logic for social e‑commerce systems

Nabi, Faisal, Yong, Jianming and Tao, Xiaohui. 2021. "Security aspects in modern service component‑oriented application logic for social e‑commerce systems." Social Network Analysis and Mining. 11 (1). https://doi.org/10.1007/s13278-020-00717-9

Organizing Classification of Application Logic Attacks in Component-based E-Commerce Systems

Nabi, Faisal, Yong, Jianming, Tao, Xiaohui, Farhan, Muhammad and Naseem, Nauman. 2021. "Organizing Classification of Application Logic Attacks in Component-based E-Commerce Systems." Journal of Computer Science. 17 (11), pp. 1046-1057. https://doi.org/10.3844/JCSSP.2021.1046.1058

Security Assurance Process for Service Component-Oriented Application Logic for Social Interaction in E-Commerce Banking Applications

Nabi, Faisal. 2021. Security Assurance Process for Service Component-Oriented Application Logic for Social Interaction in E-Commerce Banking Applications. PhD by Publication Doctor of Philosophy. University of Southern Queensland. https://doi.org/10.26192/q7q82

Concepts of Safety Critical Systems Unification Approach & Security Assurance Process

Nabi, Faisal, Yong, Jianming, Tao, Xiaohui, Malhi, Muhammad Saqib, Mahmood, Umar and Iqbal, Usman. 2020. "Concepts of Safety Critical Systems Unification Approach & Security Assurance Process." Journal of Information Security. 11 (4), pp. 292-303. https://doi.org/10.4236/jis.2020.114018

Classification of logical vulnerability based on group attack method

Nabi, Faisal, Yong, Jianming and Tao, Xiaohui. 2021. "Classification of logical vulnerability based on group attack method." Journal of Ubiquitous Systems and Pervasive Networks. 14 (1), pp. 19-26. https://doi.org/10.5383/JUSPN.14.01.004

A security review of event-based application function and service component architecture

Nabi, Faisal, Yong, Jianming and Tao, Xiaohui. 2020. "A security review of event-based application function and service component architecture." International Journal of Systems and Software Security and Protection. 11 (2), pp. 58-70. https://doi.org/10.4018/IJSSSP.2020070104

Classification of Logical Vulnerability Based on Group Attacking Method

Nabi, Faisal, Yong, Jianming and Tao, Xaiohui. 2020. "Classification of Logical Vulnerability Based on Group Attacking Method." 11th International Conference on Ambient Systems, Networks and Technologies (ANT 2020). Warsaw Poland 06 - 09 Apr 2020 Netherlands. Elsevier. https://doi.org/10.1016/j.procs.2020.03.109

Proposing a secure component-based-application logic and system’s integration testing approach

Nabi, Faisal, Yong, Jianming and Tao, Xiaohui. 2019. "Proposing a secure component-based-application logic and system’s integration testing approach." International Journal of Information and Electronics Engineering. 11 (1), pp. 25-39. https://doi.org/10.6636/IJEIE.20190911(1).04