This paper mainly discusses security analysis in Web-based information systems. The analysis focuses on current client/server system application environments and system vulnerabilities. The paper also briefly describes a proposed conceptual security model, the dual security model (DSM). The model focuses on risk management by identifying possible attacks on the system and addressing them before they can significantly impact system security and the business of the organisation. The key design feature of this model is the development of a high-level risk assessment framework for analysing and evaluating the system environment, interrelated system functions, risk modelling and the evaluation process in Web-based information systems.