Security of electronic business applications - structure and quantification

Citation
S. Rohrig et al., Security of electronic business applications - structure and quantification, WIRTSCHAFTS, 42(6), 2000, pp. 499
Citations number
41
Categorie Soggetti
Information Tecnology & Communication Systems
Journal title
WIRTSCHAFTSINFORMATIK
ISSN journal
09376429 → ACNP
Volume
42
Issue
6
Year of publication
2000
Database
ISI
SICI code
0937-6429(200012)42:6<499:SOEBA->2.0.ZU;2-D
Abstract
The rapid growth of the commercial use of the Internet goes along with a ri sing need for security for both customer and merchant. As many parties and different systems are involved, security becomes a complicated issue. There fore, the need for definition, structuring, and quantification of security arises. This paper proposes a structured approach to analyze security measu res and to quantify the overall security of an electronic business applicat ion. The quantifier is calculated through a security matrix which breaks do wn the assessment of security into smaller parts. These parts correspond to the locations, security objectives, and implemented security mechanisms of the application. The security quantifier can be used to analyze and design the application, and to compare it with other applications.