Requirement’s for Proposed Frameworks for Secure Ecommerce Transactions

Kenneth Longo Mlelwa, Zaipuna O. Yonah. Published in Security.

Communications on Applied Electronics
Year of Publication: 2017
Publisher: Foundation of Computer Science (FCS), NY, USA
Authors: Kenneth Longo Mlelwa, Zaipuna O. Yonah
DOI: 10.5120/cae2017652498

Kenneth Longo Mlelwa and Zaipuna O Yonah. Requirement’s for Proposed Frameworks for Secure Ecommerce Transactions. Communications on Applied Electronics 6(9):1-15, April 2017.

@article{10.5120/cae2017652498,
	author = {Kenneth Longo Mlelwa and Zaipuna O. Yonah},
	title = {Requirement’s for Proposed Frameworks for Secure Ecommerce Transactions},
	journal = {Communications on Applied Electronics},
	issue_date = {April 2017},
	volume = {6},
	number = {9},
	month = {Apr},
	year = {2017},
	issn = {2394-4714},
	pages = {1-15},
	numpages = {15},
	url = {http://www.caeaccess.org/archives/volume6/number9/716-2017652498},
	doi = {10.5120/cae2017652498},
	publisher = {Foundation of Computer Science (FCS), NY, USA},
	address = {New York, USA}
}

Abstract

This study proposes the best set of criteria for evaluating a secure framework that supports eCommerce through security requirements analysis and elicitation, based upon the construction of a context for the system and satisfaction arguments for the security of the system. The novel contribution of this paper is an information security framework, hailed as the secure framework, comprising technical, operational, business, process and maturity models to address information security requirements for eCommerce transactions.

Keywords

E-commerce Framework, eCommerce Framework Requirements, Secure eCommerce Framework, Security Framework.