Process of Security Assurance Technique for Application Functional Logic in E-Commerce Systems

Nabi, Faisal and Yong, Jianming and Tao, Xiaohui and Malhi, Muhammad Saqib and Farhan, Muhammad and Mahmood, Umar (2021) Process of Security Assurance Technique for Application Functional Logic in E-Commerce Systems. Journal of Information Security, 12 (3):1. pp. 189-211. ISSN 2153-1234

Text (Published Version)
Available under License Creative Commons Attribution 4.0.


Security practices such as audits, which often focus on penetration testing, are performed to find flaws in some types of vulnerability and use tools that have been tailored to resolve certain risks based on code errors, code conceptual assumption bugs, etc. Most existing security practices in e-commerce are dealt with as an auditing activity. They may have security policies, which are enforced by auditors who enable a particular set of items to be reviewed, but they also fail to find vulnerabilities that have been established in compliance with application logic. In this paper, we investigate the problem of business logic vulnerability in the component-based rapid development of e-commerce applications while reusing the design specification of components. We propose a secure application functional processing logic security technique for component-based e-commerce applications, based on the security requirements of the e-business process and a security assurance logical component behaviour specification approach, to formulate and design a solution for the business logic vulnerability phenomenon.

Statistics for USQ ePrint 41970
Item Type: Article (Commonwealth Reporting Category C)
Refereed: Yes
Item Status: Live Archive
Faculty/School / Institute/Centre: Current - Faculty of Business, Education, Law and Arts - School of Business (18 Jan 2021 -)
Faculty/School / Institute/Centre: Historic - Faculty of Health, Engineering and Sciences - School of Sciences (6 Sep 2019 - 31 Dec 2021)
Date Deposited: 17 May 2021 03:38
Last Modified: 25 Oct 2021 23:13
Uncontrolled Keywords: Business Logic Design Flaws, Components Integration Flaws, E-Commerce System, Assurance & Security, Model Based Design, Business Logic Attacks, Attack Pattern
Fields of Research (2008): 08 Information and Computing Sciences > 0803 Computer Software > 080303 Computer System Security
Fields of Research (2020): 46 INFORMATION AND COMPUTING SCIENCES > 4604 Cybersecurity and privacy > 460406 Software and application security
Identification Number or DOI:
