We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
Security Risk Management in E-commerce Systems: A Threat-driven Approach.
- Authors
AFFIA, Abasi-amefon O.; MATULEVIĈIUS, Raimundas; NOLTE, Alexander
- Abstract
E-commerce has transformed the commerce industry as we know it, introducing better purchasing, shipping, and customer services. These business services generate and utilise sensitive information such as customer purchases, financial and personal information which are of high value to attackers. Securing e-commerce systems demands security risk management conscious of evolving security threats. This research work proposes and analyses a threat-driven approach that explores the use of a security threat analysis method - STRIDE to support a selected security risk management method - ISSRM (Information System Security Risk Management) in managing security risk in an e-commerce system. Results of this approach present e-commerce asset identification, threat analysis, and risk identification, with security risk treatment decisions. We discuss these results presenting the benefits of the STRIDE and ISSRM combination.
- Subjects
SECURITY management; RISK management information systems; RISK management in business
- Publication
Baltic Journal of Modern Computing, 2020, Vol 8, Issue 2, p213
- ISSN
2255-8942
- Publication type
Article
- DOI
10.22364/bjmc.2020.8.2.02