Enhancing the security measures for web based application / Herman Md Tahir

Enhancing the security measures for web based application / Herman Md Tahir

Security measures for a web based application can vary depending on organization objectives. An international standard is a good baseline or reference for measuring the security level of a web based application. The ISO/IEC 9126-1 defined the quality model for software product, consisting of charact...

全面介紹

Saved in:
書目詳細資料
主要作者: Md Tahir, Herman
格式: Thesis
語言:English
出版: 2015
主題:
Cryptography
Access control
Computer security
Web applications
在線閱讀:https://ir.uitm.edu.my/id/eprint/64720/1/64720.pdf
標簽: 添加標簽
沒有標簽, 成為第一個標記此記錄!
實物特徵
總結:Security measures for a web based application can vary depending on organization objectives. An international standard is a good baseline or reference for measuring the security level of a web based application. The ISO/IEC 9126-1 defined the quality model for software product, consisting of characteristics namely Functionality, Reliability, Usability, Efficiency, Maintainability and Portability and its' sub characteristics. Security on the other hand is identified as one of the sub characteristic of Functionality. The ISO/IEC TR 9126-2 further explained the quality model of ISO/IEC 9126-1 by defining the measures or metrics for the sub characteristics. However, the existing ISO/IEC TR 9126-2 that was last revised in 2003 is limited in term of exposure to the latest IT and SE technology. It is also reported to be having certain weaknesses (Rafa A, 2009). Furthermore the standard defines general measures or metrics which can be applied to any type of product. Rightfully, a different type of application requires more specific security measures than the existing ones in the standard. Industry guidelines such as the Open Web Application Security Project (OWASP) and the Information Security Management Systems (ISMS) are another source to identify the security measures. This research is aimed at studying the current practice for measuring the security of a web based application and eventually proposes additional Security measures for web based application based on collective industry best practices, practitioners experience and input and expert opinions. Based on content analysis and interviews conducted on experts, summarized in this report is the proposed additional security measures or metrics for web based application.

相似書籍