The rapid growth of the commercial use of the Internet goes along with a ri
sing need for security for both customer and merchant. As many parties and
different systems are involved, security becomes a complicated issue. There
fore, the need for definition, structuring, and quantification of security
arises. This paper proposes a structured approach to analyze security measu
res and to quantify the overall security of an electronic business applicat
ion. The quantifier is calculated through a security matrix which breaks do
wn the assessment of security into smaller parts. These parts correspond to
the locations, security objectives, and implemented security mechanisms of
the application. The security quantifier can be used to analyze and design
the application, and to compare it with other applications.