International Journal on Advanced Science, Engineering and Information Technology

As e-commerce transaction is evolving, security is becoming a paramount issue since a great deal of credit cards, fund transfer, web shopping and public retirements are involved. Therefore, an appropriate development process is necessary for such security critical application. Also, handling security issues at early stage of software development is paramount to avoiding vulnerabilities from scaling through production environment unnoticed. This paper proposes a comprehensive security requirements and security design within the development phase of an e-commerce application as a security control to identify security flaws at early stage of web application development which might prevent re-architecture when discovered at a later stage.

Web Security; E-commerce; Software Development Process; Application Layer; Software Engineering