Paper Topic:

discussing recent work in Web Database Security

Discussing Recent Work in Web Database Security

Introduction

The Internet has remarkably changed the way transactions are undertaken in business . Database security , along with privacy issues are of deeper concern nowadays . A loop hole in the evolving electronic commerce systems is the failure to adequately address database security and data privacy issues . One major reason for this problem is that web database security is often overlooked in the development of the system Furthermore , there is a difficulty in applying commonly-known software requirements engineering techniques to web-based information systems in which

policy is continually changing due to the need to respond to the rapid introduction of new technologies . Web database security should be major concerns from the onset , but IT specialists need new systematic mechanisms for analysing and assessing database security . To address this issue , the researcher employs scenario management and goal-driven analysis schemes to facilitate the design and evolution of electronic commerce systems . Threats assessment is crucial for ensuring that system requirements are a great support in the company 's web database security Consequently , goal-based approach is adapted by including a compliance activity to ensure that all guidelines are reflected in the actual system requirements . The scheme thus focuses on the initial specification of web database security and their integration into system requirements . The ultimate goal of this is to demonstrate viable solutions for supporting the early stages of the software lifecycle specifically addressing the need for new approaches to ensure database security requirements coverage

Literature Review

Security

The focus of several studies addressing means to provide better web database security is reducing threats to sensitive data . However , the balance between security and the ability to access necessary information for legitimate business transaction must also be considered (Earp and Payton , 2000 . Most companies are aware of the problem of unauthorized access to confidential data , but few have gained an effective security schemes for their web-based information systems (Katzke et al , 1999 Web-based information systems must be protected from both internal and external threats and their protection must be given special consideration during the early design phase of development . Although there is an increased awareness of extensive security needs , most companies are facing a lack of security skills (Makris , 1999 , noting the need to prioritize systems with security requirements at the conceptual design phase

Granting that many companies employs ethical policies for employees to follow these does not provide real guarantee against intruders . When developing web-based application for today 's businesses , it is important to determine where the need is for security and what security features are necessary , with the full understanding of organizational environment . The difficulty lies in ensuring that the policies are incorporated in the system requirements from which these web applications will be designed

The basic step in securing a web-based information system is developing and implementing a dynamic document called a security policy (Dean 2000 , which recognizes system aspects known as security goals and risks . It is necessary to establish who the authorized users might be...

8 pages

70.5 KB

Free sing-up