Enhancing the security measures for web based application / Herman Md Tahir

Security measures for a web based application can vary depending on organization objectives. An international standard is a good baseline or reference for measuring the security level of a web based application. The ISO/IEC 9126-1 defined the quality model for software product, consisting of charact...

Bibliographic Details
Main Author: Md Tahir, Herman
Format: Thesis
Language: English
Published: 2015
Subjects:
Online Access: https://ir.uitm.edu.my/id/eprint/64720/1/64720.pdf
institution Universiti Teknologi MARA
collection UiTM Institutional Repository
language English
advisor Zambri, Suzana
topic Cryptography
Access control
Computer security
Web applications
description Security measures for a web-based application can vary depending on organization objectives. An international standard is a good baseline or reference for measuring the security level of a web-based application. The ISO/IEC 9126-1 defined the quality model for software products, consisting of the characteristics Functionality, Reliability, Usability, Efficiency, Maintainability and Portability and their sub-characteristics. Security, on the other hand, is identified as one of the sub-characteristics of Functionality. The ISO/IEC TR 9126-2 further explained the quality model of ISO/IEC 9126-1 by defining the measures or metrics for the sub-characteristics. However, the existing ISO/IEC TR 9126-2, which was last revised in 2003, is limited in terms of exposure to the latest IT and SE technology. It is also reported to have certain weaknesses (Rafa A, 2009). Furthermore, the standard defines general measures or metrics which can be applied to any type of product. Rightfully, a different type of application requires more specific security measures than the existing ones in the standard. Industry guidelines such as the Open Web Application Security Project (OWASP) and the Information Security Management Systems (ISMS) are another source for identifying the security measures. This research is aimed at studying the current practice for measuring the security of a web-based application and eventually proposes additional security measures for web-based applications based on collective industry best practices, practitioners' experience and input, and expert opinions. Based on content analysis and interviews conducted with experts, summarized in this report are the proposed additional security measures or metrics for web-based applications.
qualification_level Master's degree
granting_institution Universiti Teknologi MARA (UiTM)
granting_department Faculty of Computer and Mathematical Sciences