envisaged e-commerce application should fully support the integration of payment processing to
PayM. PayM will provide the necessary APIs for the same.
4.2.1.4 Security Requirements in the Request for Proposal
The RFP laid out by Panthera details several functional requirements for the e-commerce
application. The RFP has also provided a special emphasis on the required security capabilities of the
application. The security requirements laid out in the RFP have been developed based on industry
standard security requirements for Web applications. As the primary focus of this text is on the
security implementation for a Web application, we will concentrate on the security requirements
laid out in Panthera's RFP. The security requirements are enumerated based on Table 4.3.
4.3 An Overview of the Application Development Process
After careful consideration, involving several discussions with several software application vendors
and application development organizations, Panthera's management has decided to contract with
Jaguar InfoSolutions for developing the custom e-commerce application as per Panthera's
requirements. Jaguar InfoSolutions has developed several applications for banking and insurance companies
as well as some other e-commerce companies. They are aware of security compliance requirements
and have demonstrated their aptitude with Web application security design and implementation.
After a joint discussion with Panthera's management, including the CTO and CISO, Jaguar has
prepared a project plan for the development of Panthera's envisaged e-commerce application.
4.3.1 The Application Development Process
The application development process for Panthera's new e-commerce application has been
developed after a great deal of thought concerning the entire process. Jaguar's application team
dedicated to the project was involved in detailed discussions with Panthera's management and the
committee created to spearhead the e-commerce development project. The application
development process has been created as follows:
Detailed application requirements
Application design
Application development
White- and black-box testing
User acceptance testing
Deployment
4.3.1.1 Detailed Application Requirements
The requirement-gathering phase is an extremely important phase in application development.
The application development life cycle is made very clear and much more efficient with a clear set
of requirements. The first step in the development of Panthera's Web application is the formulation
of detailed functional and nonfunctional requirements. We are quite familiar with the functional
requirements for an e-commerce application and shall focus on the security requirements in this
topic. Jaguar has decided to adopt the process of risk management to ensure that security is built