Designing secure web and mobile-based information system for dissemination of students’ examination results: the suitability of soft design science methodology
International Journal of Computing and ICT Research
The trend of organizations offering services through integrated applications using web- and mobile- based information systems has raised security concerns on how to ensure security goals are attained. The foundation of many systems’ security problems is the lack of integrating secure aspects throughout the processes of architecture design of information systems. This problem is contributed by lack of systematic research methodology and standard security guidelines and principles in many organizations dealing with development of systems in Tanzania. In order to address the weakness of previous studies in the research design, this study employed soft design science methodology (integration of Soft Systems Methodology and Design Science Research); this enabled triangulation of research methodology to take place. The security goals for the proposed secure information system design architecture were explored and incorporated in all stages of the design of system architecture. The proposed secure architecture design of information system for dissemination of students’ examinations results can be replicated to schools, colleges or universities in developing countries. The study contributes to body of knowledge by developing secure information systems architecture using a system thinking engineering approach (Soft System Methodology) compounded by Design Science Research principles. The application of the system engineering approach and design principles resulted to a new strategy, secure software development life cycle (secure-SDLC), in solving real world problematic situation and filling the identified research gap in terms of knowledge in the field of information systems’ security research.
Results dissemination, Information systems, Design science research, Application, security, web, mobile, Soft Design Science Methodology, Soft Systems Methodology