Web Engineering Security (WES) Methodology

Glisson, William Bradley; Welland, Ray

View/Open

Article (2.013Mb)

Date

2014

Author

Glisson, William Bradley

Welland, Ray

Metadata

Show full item record

Abstract

The impact of the World Wide Web on basic operational economical components in global information-rich civilizations is significant. The repercussions force organizations to provide justification for security from a businesscase perspective and to focus on security from a Web application development environment standpoint. The need for clarity promoted an investigation through the acquisition of empirical evidence from a high level Web survey and a more detailed industry survey to analyze security in the Web application development environment ultimately contributing to the proposal of the Essential Elements (EE) and the Security Criteria for Web Application Development (SCWAD). The synthesis of information provided was used to develop the Web Engineering Security (WES) methodology. WES is a proactive, flexible, process neutral security methodology with customizable components that is based on empirical evidence and used to explicitly integrate security throughout an organization’s chosen application development process.

URI

https://hdl.handle.net/20.500.11875/3193

Collections

Department of Computer Science

Citation

Glisson, William Bradley and Welland, Ray (2014) "Web Engineering Security (WES) Methodology," Communications of the Association for Information Systems: Vol. 34 , Article 71. DOI: 10.17705/1CAIS.03471

Description

An paper co-authored by William Glisson that was published by the Communications of the Association for Information Systems in 2014