Authors:
Esmiralda Moradian and Anne Håkansson
Affiliation:
KTH and Royal Institute of Technology, Sweden
Keyword(s):
E-Commerce Security, Software Security, Security Ontology, Agent System, Mapping.
Related Ontology Subjects/Areas/Topics:
e-Business and e-Commerce; Internet Technology; Ontology and the Semantic Web; Society, e-Business and e-Government; Web Information Systems and Technologies; Web Interfaces and Applications; Web Security and Privacy
Abstract:
Developers are struggling with the challenging task of producing secure e-commerce software. Nonetheless, software insecurity remains an issue for e-commerce organisations. Software engineers are expected to possess knowledge in the software engineering area, as well as security. In addition, they are required to understand and correctly identify the relationships between the security concepts. However, developers commonly lack this knowledge and, consequently, security is often omitted during the engineering process. To support developers in facing this challenge, we use ontology-based techniques for structuring and representing security knowledge. Categorization according to the security properties of confidentiality, integrity, and availability is needed to provide a holistic view over the security requirements, assets, security threats, and security controls. Moreover, we propose mapping of different security ontologies to provide traceability. For this purpose, we use meta-agents and software agents in a multi-agent system. We present a development scenario of an electronic invoice presentment system, where we demonstrate how the usage of ontologies in combination with a multi-agent system can improve the security of e-commerce software systems.