Web Engineering Security (WES) Methodology

Files

Web Engineering Security (WES) Methodology_OCR.pdf (2.01 MB)

Date

2014

Authors

Glisson, William Bradley
Welland, Ray

Journal Title

Journal ISSN

Volume Title

Publisher

Communications of the Association for Information Systems

Abstract

The impact of the World Wide Web on basic operational economical components in global information-rich civilizations is significant. The repercussions force organizations to provide justification for security from a businesscase perspective and to focus on security from a Web application development environment standpoint. The need for clarity promoted an investigation through the acquisition of empirical evidence from a high level Web survey and a more detailed industry survey to analyze security in the Web application development environment ultimately contributing to the proposal of the Essential Elements (EE) and the Security Criteria for Web Application Development (SCWAD). The synthesis of information provided was used to develop the Web Engineering Security (WES) methodology. WES is a proactive, flexible, process neutral security methodology with customizable components that is based on empirical evidence and used to explicitly integrate security throughout an organization’s chosen application development process.

Description

An paper co-authored by William Glisson that was published by the Communications of the Association for Information Systems in 2014

Keywords

industry, organization, method, case study, security, information systems

Citation

Glisson, William Bradley and Welland, Ray (2014) "Web Engineering Security (WES) Methodology," Communications of the Association for Information Systems: Vol. 34 , Article 71. DOI: 10.17705/1CAIS.03471

URI

https://hdl.handle.net/20.500.11875/3193

Collections

Department of Computer Science
Cyber Forensics Intelligence Center