INTERNET BANKING SECURITY ENHANCEMENE WITH THREAT ORIENTED APPROACH

Nowadays Internet banking which uses variety of Internet based software and hardware technologies is current and expanded. Web based bank services provide users with managing financial affairs such as the money transfer process between accounts easier and faster than before. Nevertheless, security threats have been widely recognized as one of the main obstacles to the adoption of Internet banking. For encountering possible threats, different security services and mechanisms are proposed. We propose security framework to enhance Internet banking security. This framework is used to identify and evaluate threats of Web based money transfer process and elicit its attacktree. The authors also propose to add defense tree which includes security services and mechanisms; in conjunction with attacks risk to the attack tree. It is concluded that the combination of these methods will help to make decisions about selecting appropriate security services and mechanisms