Abstract:Introduction The processes behind corporate efforts to create, manage, publish, and archive Web information has also evolved using Web Content Management Systems (WCMS). WCMS allow teams to maintain Web content in a dynamic fashion through a user friendly interface and a modular application approach. This dynamic "on-the-fly" content creation provides Web site authors several advantages including access to information stored in databases, ability to personalize Web pages according to individual user preferences, and the opportunity to deliver a much more interactive user experience than static Web pages alone. 11 However, there are distinct disadvantages as well. Dynamically generating Web content can significantly impact Web server performance, reduce the scalability of the Web site and create security vulnerabilities or denial of service. 11 Organizations are adopting information technology without understanding such security concerns. 1 Moreover, as Mostefaoui 7 points out, even though many attempts have been made to understand the security architecture, a generic security framework is needed. Recent research amplifies the concerns and benefits of security in open source systems. 2 However, there is a need for organizations to understand how to evaluate these open source systems and this paper highlights how an evaluation technique in terms of security may be used in an organization to assess a short list of possible WMCS systems. This article focuses on security issues in WCMS and the objective is to understand the security issues as well as to provide a generic security framework. The contributions of this paper are to: 1. Integrate the goals of security with eight dimensions of WCMS, 2. Specify how to secure the eight dimensions of WCMS, 3. Formulate a framework of security using this integrated view of security goals and security dimensions, and 4. Address the security of the Web architecture at WCMS software application level using the framework and evaluate security features in popular WCMS used in the industry.

Security in dynamic web content management systems applications

Construction of security architecture of web services based EAI

Information Security Management of Web Portals Based on Joomla CMS

System Security Assurance: A Systematic Literature Review

Investigating Dynamic Behavioral Analysis For Instantaneous Identification and Reduction of Changing Security Risks on the World Wide Web

Integrative Security Management for Web-Based Enterprise Applications

Do Content Management Systems Impact the Security of Free Content Websites? A Correlation Analysis

Security Issues in Workflow Management System

Security Architecture For Web Services

Evaluation of Static Analysis on Web Applications

Architecture of Multi-Dimension Web Application Security Based on OWASP and WASC

A System Framework of Security Management in Enterprise Systems

Security in IS and social engineering -- an overview and state of the art

Form-Oriented Security Analysis of The WrecDirect Web Application

Overview of security issues in electronic document management systems

A Framework of Information Security Integrated with Human Factors

Towards adaptive and proactive security assessment for energy delivery systems

An Analysis of Security and Performance Concerns in Mobile Web Application Development: Challenges and Open Issues

Secure Software Development: Issues and Challenges

Design and implementation of Web Content Management System by J2EE-based three-tier architecture: Applying in maritime and shipping business

Analysis Framework for Web Content Security Based on Ontology