Enhancing the security measures for web based application / Herman Md Tahir

Enhancing the security measures for web based application / Herman Md Tahir

Security measures for a web based application can vary depending on organization objectives. An international standard is a good baseline or reference for measuring the security level of a web based application. The ISO/IEC 9126-1 defined the quality model for software product, consisting of charact...

全面介绍

Saved in:
书目详细资料
主要作者: Md Tahir, Herman
格式: Thesis
语言:English
出版: 2015
主题:
Cryptography
Access control
Computer security
Web applications
在线阅读:https://ir.uitm.edu.my/id/eprint/64720/1/64720.pdf
标签: 添加标签
没有标签, 成为第一个标记此记录!
实物特征
总结:Security measures for a web based application can vary depending on organization objectives. An international standard is a good baseline or reference for measuring the security level of a web based application. The ISO/IEC 9126-1 defined the quality model for software product, consisting of characteristics namely Functionality, Reliability, Usability, Efficiency, Maintainability and Portability and its' sub characteristics. Security on the other hand is identified as one of the sub characteristic of Functionality. The ISO/IEC TR 9126-2 further explained the quality model of ISO/IEC 9126-1 by defining the measures or metrics for the sub characteristics. However, the existing ISO/IEC TR 9126-2 that was last revised in 2003 is limited in term of exposure to the latest IT and SE technology. It is also reported to be having certain weaknesses (Rafa A, 2009). Furthermore the standard defines general measures or metrics which can be applied to any type of product. Rightfully, a different type of application requires more specific security measures than the existing ones in the standard. Industry guidelines such as the Open Web Application Security Project (OWASP) and the Information Security Management Systems (ISMS) are another source to identify the security measures. This research is aimed at studying the current practice for measuring the security of a web based application and eventually proposes additional Security measures for web based application based on collective industry best practices, practitioners experience and input and expert opinions. Based on content analysis and interviews conducted on experts, summarized in this report is the proposed additional security measures or metrics for web based application.

相似书籍