Remember Me
Or use your Academic/Social account:


Or use your Academic/Social account:


You have just completed your registration at OpenAire.

Before you can login to the site, you will need to activate your account. An e-mail will be sent to you with the proper instructions.


Please note that this site is currently undergoing Beta testing.
Any new content you create is not guaranteed to be present to the final version of the site upon release.

Thank you for your patience,
OpenAire Dev Team.

Close This Message


Verify Password:
Verify E-mail:
*All Fields Are Required.
Please Verify You Are Human:
fbtwitterlinkedinvimeoflicker grey 14rssslideshare1
Glisson, W.; Welland, R.; Glisson, L.M. (2010)
Languages: English
Types: Other
Subjects: QA75
The integration of security and forensics into Web Engineering curricula is imperative! Poor security in web-based applications is continuing to cost organizations millions and the losses are still increasing annually. Security is frequently taught as a stand-alone course, assuming that security can be 'bolted on' to a web application at some point. Security issues must be integrated into Web Engineering processes right from the beginning to create secure solutions and therefore security should be an integral part of a Web Engineering curriculum. One aspect of Computer forensics investigates failures in security. Hence, students should be aware of the issues in forensics and how to respond when security failures occur; collecting evidence is particularly difficult for Web-based applications.
  • The results below are discovered through our pilot algorithms. Let us know how we are doing!

    • 1. Deloitte (2009) Losing Ground 2009 TMT Global Security Survey Key findings. https://www.deloitte.com/.
    • 2. PricewaterhouseCoopers, Trial by fire. 2009.
    • 3. Internet Crime Complaint Center, 2009 Internet Crime Report. 2010.
    • 4. The UK Cards Association. http://www.theukcardsassociation.org.uk/media_centre/press_releases_new/-/page/922/.
    • 5. Deshpande, Y., et al., Web Engineering. Journal of Web Engineering, 2002. vol.(No. 1): p. 3-17.
    • 6. Deshpande, Y. Web Engineering Curriculum: A Case Study of an Evolving Framework. in Web Enginering 4th international conference, ICE 2004. 2004. Munich, Germany.
    • 7. National Security Agency. http://www.nsa.gov/ia/academic_outreach/nat_cae/institutions.shtml.
    • 8. Crowley, E., Information system security curricula development, in Proceedings of the 4th conference on Information technology curriculum. 2003, ACM: Lafayette, Indiana, USA.
    • 9. Dark, M., et al., An information security ethics education model. J. Comput. Small Coll., 2008. vol.(6): p. 82-88.
    • 10. Elitzur, R.,Sai, Y., A Laboratory Study Designed for Reducing the Gap between Information Security Knowledge and Implementation. International Journal of Electronic Commerce Studies, 2010. vol.(1): p. 13.
    • 11. Mateti, P., A laboratory-based course on internet security, in Proceedings of the 34th SIGCSE technical symposium on Computer science education. 2003, ACM: Reno, Navada, USA.
    • 12. Esterline, A. C., Williams, K. A.,Carr, E. C. http://redux.comp.ncat.edu/carr/web_engineering/SIGCSE_Web.pdf.
    • 13. Whitehead, E. J., A PROPOSED CURRICULUM FOR A MASTERS IN WEB ENGINEERING. Journal of Web Engineering, 2002. vol.(1): p. 5.
    • 14. Kentucky State University. http://www.kysu.edu/.
    • 15. Anderson, R., Security Engineering: A Guide to Building Dependable Distributed Systems. 2001, New York: John Wiley & Sons, Inc.
    • 16. Hansche, S., Berti, J.,Hare, C., Official (ISC)2 Guide to the CISSP Exam. 2004, Boca Raton: Auerbach.
    • 17. Glisson, W. B., The Web Engineering Security (WES) Methodology, in Department of Computing Science. 2008, University of Glasgow: Glasgow. p. 245.
    • 18. Pfleeger, C. P.,Pfleeger, S. L., Security in Computing. Third Edition ed. 2003, Upper Saddle River, NJ: Prentice Hall.
    • 19. Krutz, R. L.,Vines, R. D., The CISSP and CAP Prep Guide. 2007, Indianapolis, IN: Wiley.
    • 20. Schneier, B., Beyond Fear: Thinking Sensibly About Security in an Uncertain World. 2006, New York: Springer-Verlag New York Inc. 303.
    • 21. Organization for Internet Safety. http://www.symantec.com/index.jsp.
    • 22. Dacey, R. F., INFORMATION SECURITY Effective Patch Management is Critical to Mitigating Software Vulnerabilities, in Testimony Before the Subcommittee on Technology, Information Policy, Intergovernmental Relations, and the Census, House Committee on Government Reform. 2003, United States General Accounting Office.
    • 23. Dickson, J. B., Web applications have become IT's next security battleground. San Antonio Business Journal, 2004. vol.
    • 24. Ellis, J.,Speed, T., The internet security guidebook: from planning to deployment, ed. E. Carrasco. 2001, San Diego: Academic Press. 1-320.
    • 25. McCormick, J. http://www.baselinemag.com/article2/0,1397,2152093,00.asp.
    • 26. Baskerville, R., Information systems security design methods: implications for information systems development. ACM Computing Surveys, 1993. vol.(4): p. 375-414.
    • 27. Siponen, M. T., Analysis of modern IS security development approaches: towards the next generation of social and adaptable ISS methods. 2004, Department of Information Processing Science, University of Oulu: Oulu, Finland. p. 37.
    • 28. Siponen, M. T., Secure-System Design Methods: Evolution and Future Directions. IT Professional, 2006. vol.(3): p. 40-44.
    • 29. Glisson, W. B.,Welland, R. Web Engineering Security: Essential Elements. in The Second International Conference on Availability, Reliability and Security (ARES) 2007. Vienna, Austria: IEEE.
    • 30. Glisson, W. B., McDonald, A.,Welland, R. Web Engineering Security: A Practitioner's Perspective. in International Conference on Web Engineering. 2006. Palo Alto, California: Springer.
    • 31. Hoolachan, S.,Glisson, W. B. Organizational Handling of Digital Evidence. in The 2010 ADFSL Conference on Digital Forensics, Security and Law. 2010. St. Paul, Minnesota, USA: Association of Digital Forensics, Security and Law.
    • 32. Cisco. http://newsroom.cisco.com/dlls/2009/prod_060909.html.
    • 33. Glisson, W. B., Glisson, L. M.,Welland, R. Secure Web Application Development and Global Regulation. in The Second International Conference on Availability, Reliability and Security (ARES) 2007. Vienna, Austria: IEEE.
    • 34. Department of Homeland Security, Security in the Software Lifecycle. 2006, Department of Homeland Security: Washington, DC.
  • No related research data.
  • No similar publications.

Share - Bookmark

Download from

Cite this article