Security Testing of an Online Banking Service

dos Santos, Andra L. M.; Vigna, Giovanni; Kemmerer, Richard A.

doi:10.1007/978-1-4615-1467-1_1

Andra L. M. dos Santos²,
Giovanni Vigna² &
Richard A. Kemmerer²

Part of the book series: Advances in Information Security ((ADIS,volume 2))

219 Accesses
1 Citations

Abstract

Online banking and electronic commerce have become an everyday reality for millions of users. Almost every large banking institution offers services such as account management, fund transfers, automatic payments, and investments through the Internet. The quality of the provided services has become a driving factor in user selection of a banking institution. Given the critical nature of the services provided, banks and financial institutions are investing substantial resources in the implementation of sophisticated financial applications that are appealing to the end-user. In the design and implementation of these applications developers face a trade-off between user-friendliness and security.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Hardcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Bellovin, S. (1990). Security Problems in the TCP/IP Protocol Suite.Computer Communications Review19(2).
Google Scholar
Bisbey, R., Popek, G., and Carlstadt, J. (1975). Inconsistency of a Single Data Value Over Time. Technical Report ISI/SR-75–4, USC Information Sciences Institute.
Google Scholar
Dean, D., Felten, E., and Wallach, D. (1996). Security: From HotJava to Netscape and Beyond. InProceedings of the IEEE Symposium on Security and Privacy.http://www.cs.princeton.edu/sip/pub/secure96.html
Google Scholar
Dittrich, D. (1999). The DoS Project’s “trinoo” distributed denial of service attack tool. http://staff.washington.edu/dittrich/misc/ddos/
dos Santos, A. (1997). Another way to exploit local classes in Java. Risks 19.41.
Google Scholar
Freier, A., Karlton, P., and Kocher, P. (1996). The SSL Protocol Version 3.0. INTERNET-DRAFT.
Google Scholar
Ghosh, A. K. (1998).E-Commerce Security: Weak Links Best Defenses. John Wiley and Sons.
Google Scholar
Lindholm, T. and Yellin, F. (1999).The Java Virtual Machine Specification.Addison- Wesley, 2nd edition.
Google Scholar
Paoli, F. D., dos Santos, A., and Kemmerer, R. (1998).Web BrowsersS and er Scienecurityvolume 1419 ofLecture Notes in Computcepages 235–256. Springer-Verlag.
Google Scholar

Download references

Author information

Authors and Affiliations

Reliable Software Group Department of Computer Science, University of California, Santa Barbara
Andra L. M. dos Santos, Giovanni Vigna & Richard A. Kemmerer

Authors

Andra L. M. dos Santos
View author publications
You can also search for this author in PubMed Google Scholar
Giovanni Vigna
View author publications
You can also search for this author in PubMed Google Scholar
Richard A. Kemmerer
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Cigital, Inc., USA
Anup K. Ghosh

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

dos Santos, A.L.M., Vigna, G., Kemmerer, R.A. (2001). Security Testing of an Online Banking Service. In: Ghosh, A.K. (eds) E-Commerce Security and Privacy. Advances in Information Security, vol 2. Springer, Boston, MA. https://doi.org/10.1007/978-1-4615-1467-1_1

Download citation

DOI: https://doi.org/10.1007/978-1-4615-1467-1_1
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4613-5568-7
Online ISBN: 978-1-4615-1467-1
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics