Title :
Security-Oriented Design for Web-Based Systems: A Critical Review
Author :
Katarahweire, Marriette ; Balikuddembe, Joseph K.
Author_Institution :
Sch. of Comput. & Inf. Technol., Makerere Univ., Kampala, Uganda
Abstract :
Security of web-based systems still remains a key challenge for most IT executives, for software is vulnerable at various stages and most severely weakened in the operational environment. In the past, models and tools or even design techniques have been devised to tackle this challenge. But we still see the reemergence of the same security issues that afflict both traditional and modern web-based systems. Our major goal is to examine what has been done to date in managing this risk, particularly during the software development process and at the deployment stage, so as to establish the research gap upon which further research can revolve. Our findings show that available literature has not extensively addressed how current security mitigating mechanisms can enhance the development of secure web-based systems. Hence, future work directed at bridging this perspective will perhaps provide more insight in advanced techniques that can help manage this problem.
Keywords :
Internet; risk management; security of data; software engineering; Web-based system; deployment stage; risk management; security mitigating mechanism; security-oriented design; software development process; Analytical models; Computational modeling; Educational institutions; Security; Software; Testing; Unified modeling language; Design for Security; Software Security; Web-based System Security;
Conference_Titel :
Sofware Engineering and Applied Computing (ACSEAC), 2012 African Conference on
Conference_Location :
Gaborone
Print_ISBN :
978-0-7695-4909-5
DOI :
10.1109/ACSEAC.2012.15
