NDLI: A Multi-Tier, Multi-Role Security Framework for E-Commerce Systems

Content Provider	IEEE Xplore Digital Library
Author	Cachia, E. Micallef, M.
Copyright Year	2007
Description	Author affiliation: Dept. of Comput. Sci. & Artificial Intelligence, Malta Univ., Msida (Cachia, E.; Micallef, M.)
Abstract	As the use of the Internet for commercial purposes continues to grow, so do the number of security threats which attempt to disrupt online systems (Glisson and Welland, 2005); (Deloitte, 2005); and (Gordon et al., 2005). A number of these threats are in fact unintended (Mackey, 2003). For example, a careless employee might drop a cup of coffee onto essential equipment. However, when compared to the brick and mortar world, the Internet offers would-be attackers a more anonymous environment in which to operate. Also, the free availability of hacking tools makes it possible even for the curious teenager to carry out dangerous attacks. Despite this ever-present threat however, it is all too often the case that security is dealt with (if at all) after a Web application has been developed (Gaur, 2000). This is mainly due to our software development heritage whereby companies prefer to focus on the functionality of new systems because that provides and immediate return on investment. This paper proposes a framework for building security into Web applications as they are being developed. The core philosophy here is that security is too big an issue to leave up to one person/team after the product has been developed. The framework also provides a quality assurance process and a communication protocol to ensure that all security-related tasks have been carried out
Starting Page	422
Ending Page	432
File Size	360378
Page Count	11
File Format	PDF
ISBN	0769527728
DOI	10.1109/ECBS.2007.8
Language	English
Publisher	Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Publisher Date	2007-03-26
Publisher Place	USA
Access Restriction	Subscribed
Rights Holder	Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subject Keyword	Application software Computer security Communication system security Internet Mortar Investments System testing Acoustical engineering Software engineering Computer science E-Commerce Security Software Quality Assurance Web Applications
Content Type	Text
Resource Type	Article

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in