E-tendering security issues and countermeasures
Tendering is a process whereby the principal invited capable tenderer participates in competitive bid for winning a large project. Due to the E-tendering efficiency and effectiveness, this system is introduced and adopted in many countries. Although the system provides opportunities in improving bus...
Saved in:
Main Authors: | , , , , , |
---|---|
Format: | Article |
Published: |
American Scientific Publishers
2014
|
Subjects: | |
Online Access: | http://repo.uum.edu.my/20573/ http://doi.org/10.1166/asl.2014.5291 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Universiti Utara Malaysia |
Summary: | Tendering is a process whereby the principal invited capable tenderer participates in competitive bid for winning a large project. Due to the E-tendering efficiency and effectiveness, this system is introduced and adopted in many countries. Although the system provides opportunities in improving business processes which may lead to paperless, reduced reliance on human capability during transaction, reduced costs and shortened evaluation period, however there still remain uncertainties in legal and security issues. These issues are strongly related to the threats of the E-tendering system.Therefore, this paper is intended to propose a secure solution of the E-tendering system development together with basic countermeasures to overcome the threats. The findings from this study are the identified threats, security technology and related countermeasure of E-tendering process. The procedure in identifying threats and countermeasures are following risk analysis process.Meanwhile, the selections of countermeasures are based on analysis from identified threats.The proposed countermeasures are based on ISO/IEC 27001 and 27002, STRIDE and NIST 800-53 standard.These findings will be used to construct a software architecture secure E-Tendering for IT project. |
---|