Secure business application logic for e-commerce systems
|ERA Journal ID||17813|
|Journal Title||Computers and Security|
|Journal Citation||24 (3), pp. 208-217|
|Number of Pages||10|
|Place of Publication||United Kingdom|
|Digital Object Identifier (DOI)||https://doi.org/10.1016/j.cose.2004.08.008|
|Web Address (URL)||https://www.sciencedirect.com/science/article/pii/S0167404804002123|
The major reason why most people are still sceptical about e-commerce is the perceived security and privacy risks associated with e-transactions, e.g., data, smart cards, credit cards and exchange of business information by means of online transactions. Today, vendors of e-commerce systems have relied solely on secure transaction protocols such as SSL, while ignoring the security of server and client software. This article, Secure Business Application Logic for e-commerce Systems, discusses a key weak link in e-commerce systems: the business application logic. Although the security issues of the front-end and back-end software systems in e-commerce applications warrant equal attention, this research focuses on the security of the middle tier of the e-commerce server, which implements the business application logic. Traditionally, e-commerce sites implemented the middle tier of software on the web server using CGI. We also present strategies for secure business application logic: good design and engineering, secure configuration, defensive programming and secure wrappers for server-side software. © 2004 Elsevier Ltd. All rights reserved.
|Keywords||Business application logic; CGI scripts; Client trust; E-commerce; Privacy; Security; SSL|
|Byline Affiliations||University of Luton, United Kingdom|