Web engineering security: a practitioner's perspective

Glisson, W., McDonald, A. and Welland, R. (2006) Web engineering security: a practitioner's perspective. In: 6th International Conference on Web Engineering (ICWE '06), Palo Alto, California, USA, 11-14 July 2006, (doi: 10.1145/1145581.1145633)

Full text not currently available from Enlighten.


There are a number of critical factors driving security in Web Engineering. These include: economic issues, people issues, and legislative issues. This paper presents the argument that a Security Improvement Approach (SIA), which can be applied to different Web engineering development processes, is essential to successfully addressing Web application security. In this paper, the criteria that any SIA will have to address, for a Web engineering process, are presented. The criteria are derived with supporting empirical evidence based on an in-depth security survey conducted within a Fortune 500 financial service sector organization and supporting literature. The contribution of this paper is two fold. The criteria presented in this paper can be used to assess the security of an existing Web engineering process and also to guide Security Improvement Initiatives in Web Engineering.

Item Type:Conference Proceedings
Additional Information:This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in the Proceedings of the 6th International Conference on Web Engineering : ICWE '06 <a href="http://doi.acm.org/10.1145/1145581.1145633">http://doi.acm.org/10.1145/1145581.1145633</a>
Glasgow Author(s) Enlighten ID:Glisson, Dr William and Welland, Professor Raymond
Authors: Glisson, W., McDonald, A., and Welland, R.
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
College/School:College of Science and Engineering > School of Computing Science
College of Arts > School of Humanities > Information Studies
Copyright Holders:© ACM, 2006
First Published:First published in Proceedings of the 6th International Conference on Web Engineering (ICWE '06)

University Staff: Request a correction | Enlighten Editors: Update this record