Asset Assessment in Web Applications

Author

Romero, Brunil D M ; Haddad, Hisham M.

Author_Institution

Processes & Syst. Dept., Simon Bolivar Univ., Sartenejas, Venezuela

fYear

2010

fDate

12-14 April 2010

Firstpage

762

Lastpage

767

Abstract

Security, a quality attribute in web applications, improves the level of quality in the processes needed to manage information, and therefore achieving business objectives. Web Engineering must address new challenges facing web application development in order to offer new techniques that guarantee high quality applications. This work is part of an over all project that focuses on Risk Assessment in web application development to help organizations determine security risks in information management systems. The formal approach to identifying and evaluating information assets is explored using the EBIOS method and the MAGERIT methodology. The previous phase of this research presented a methodological tool for asset identification in web applications. This work presents a methodological tool for asset assessment. The work is carried out using a University Web Application to help the University achieve security risk assessment.

Keywords

Internet; information management; risk management; security of data; EBIOS method; MAGERIT methodology; Web application development; Web engineering; asset assessment; asset identification; information management systems; security risk assessment; Automatic testing; Electronic mail; Error correction; IP networks; Information filtering; Information filters; Internet; Phase detection; Protection; Telecommunication traffic; Computer Security; Information Security Management; Web Engineering;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Technology: New Generations (ITNG), 2010 Seventh International Conference on

Conference_Location

Las Vegas, NV

Print_ISBN

978-1-4244-6270-4

Type

conf

DOI

10.1109/ITNG.2010.170

Filename

5501689