Is there such a thing anymore as asoftware system that doesn’t need to be secure? Almost every software controlled systemfaces threats from potential adversaries, from Internet-aware clientapplications running on PCs, to complex telecommunications and power systems accessibleover the Internet, to commodity software with copy protection mechanisms.Software engineers must be cognizant of these threats and engineer systems withcredible defenses, while still delivering value toCustomers. Security concerns must informevery phase of software development, from requirements engineering to design,implementation, testing and deployment…” Thearticle marked a surfacing need in the IT community: security is not just aboutsecuring protocols and communication lines, it is also about software. Indeed,the need of securing software is even more pressing than the need of securingcommunication. Almost, exploits of software security bugs are constantly amongthe headlines .
It has also clearly emerged that security concerns must betackled from the very beginning because looking at them as an afterthoughtoften leads to problems.Part of this challenge has been answered,and what is still missing is capturing the high-level security requirements,without getting suddenly bogged down into security solutions. We find out thatat certain stage a leap is made: we have a system with no security featuresconsisting of high-level functionalities, and then the next refinement showsencryption, access control, authentication and the like.In this paper we propose a solution that isbased on augmenting the framework to take into account security considerations.
Our decision to augment the language has been mainly driven by a major casestudy, the modelling of the Secure Electronic Transactions. The industrialrelevance of the case study is clear but the topic is challenging also fortechnical reasons. At first because the proposal is accompanied by a massive documentationspanning from high-level business description to bit-oriented programmingguide. However, if we look to the documentation we find out that the businesscase is described in a totally informal way and the programming guide is fairlyoperational, in many points a good example of bit-oriented programming. Theobjective of our protocol is to provide issuers with the ability toauthenticate cardholders during an online purchase without involving the thirdparty VISA or MasterCard. We define a new transaction flow involvingcardholder, merchant, payment gateway and card issuer, and allowed parties to identifythemselves to each other and exchange information securely using digitalcertificate. For some implementation reasons, the cardholder is not requested tohave his digital Certificate, he use the password code to be authenticated bythe card issuer.
SECURITY REQUIREMENTS OFE-PAYMENT A. Informationconfidentiality – All information during the transactions has the request ofbeing kept confidential. For instance, account number and user name may beembezzled by others who have access to them business opportunity may be lost iforder and payment information of your customer’s are obtained bycompetitors.
Thus, encryption is requiredin the E-C information transmission. B.Data integrity- E-C should provide medium to identify data integration,ensuring the Web data do not be altered in transmission. C. Authenticationof participants- The parts involved may have never met each other. So to makethe transaction successful, the first step is to identify the two parts, whichis the essential prerequisite of transactions.
D.Non-repudiation -The transaction must have such services that enable one Partyto prevent another party denying having taken a particular action, e.g. sendingorder/payment information, confirmation of order/payment. Both consumer andmerchant also require this service.
E.End-user implementation Requirement