Security of E-Commerce Software Systems

  • Esmiralda Moradian
Part of the Studies in Computational Intelligence book series (SCI, volume 462)


Cybercrime is costly for both businesses and consumers. Criminals can have different purposes, such as financial gain, defacement and disruption, which not only cause financial loss but also damage an organization’s reputation and image. To prevent a number of cybercrimes and simple mistakes, such as not ensuring that all traffic into and out of a network passes through a firewall, the security of e-commerce systems should be considered from the very beginning, i.e. at an early stage of e-commerce software development, because software vulnerabilities are a huge security problem. Therefore, to enhance the security of e-commerce software, we propose the use of a multi-agent system. The research in this paper focuses mainly on the design of agents that provide support to engineers during the development process. Moreover, the multi-agent system presented in this research supports the implementation of patterns and the extraction of security information, and provides traceability of security requirements in the engineering process.


E-commerce software system security multi-agent system decision support 





Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  1. Department of Software and Computer Systems, KTH Royal Institute of Technology, Kista, Sweden
