Title :
Asset Assessment in Web Applications
Author :
Romero, Brunil D M ; Haddad, Hisham M.
Author_Institution :
Processes & Syst. Dept., Simon Bolivar Univ., Sartenejas, Venezuela
Abstract :
Security, a quality attribute in web applications, improves the level of quality in the processes needed to manage information, and therefore achieving business objectives. Web Engineering must address new challenges facing web application development in order to offer new techniques that guarantee high quality applications. This work is part of an over all project that focuses on Risk Assessment in web application development to help organizations determine security risks in information management systems. The formal approach to identifying and evaluating information assets is explored using the EBIOS method and the MAGERIT methodology. The previous phase of this research presented a methodological tool for asset identification in web applications. This work presents a methodological tool for asset assessment. The work is carried out using a University Web Application to help the University achieve security risk assessment.
Keywords :
Internet; information management; risk management; security of data; EBIOS method; MAGERIT methodology; Web application development; Web engineering; asset assessment; asset identification; information management systems; security risk assessment; Automatic testing; Electronic mail; Error correction; IP networks; Information filtering; Information filters; Internet; Phase detection; Protection; Telecommunication traffic; Computer Security; Information Security Management; Web Engineering;
Conference_Titel :
Information Technology: New Generations (ITNG), 2010 Seventh International Conference on
Conference_Location :
Las Vegas, NV
Print_ISBN :
978-1-4244-6270-4
DOI :
10.1109/ITNG.2010.170
