Study of security issues in the ERP system implementation and development of the security analysis tool

Abstract

There is a growing tendency in the security of an ERP systems. This has resulted in security issues when an implementing an ERP system. Despite many researchers have discovered various solution for the improve ERP system implementation security there are lack ofsolutions to analysis security issues ofMicrosoft Dynamics Navision ERP system. The solution take various inputs parameters related to the ERP systems. Having giving the input system will be analysis the security threats related to ERP system. After the analysis phase system will produce a report; it consists a list of security issues, suggestions and solutions for those identified issues. This solution can be useful to; ERP systems security auditors, ERP systems own organizations, ERP systems implementation organizations or anyone who interested to investigate the ERP system implementation security issues. System modules are developed using Open Source technology by using Apache as web server, MySQL as a database server and PHP/Perl/Python as scripting language. System uses existing Open Source libraries and security scanning tools to perform security analysis. The over system has been designed to work in platform independent manner. System can be accessible using any modem web browser also the users can access the system by hosting the application on they own or rented LAMP or WAMP server. Based on the identified security issues online survey questionnaire was design to understand what target audience are really thinking about the ERP systems security. After the statistically analyzing collected data it shows that those identified issues are significant to the ERP systems security. After development ofthe security analysis tool, it was tested by the target audience by using the test cases. The results show that our solution can evaluated the ERP systems related security issues. In summary, the proposed security analysis tool offers unique features necessary forthe security of Microsoft Dynamics Navision ERP systems. It also overcomes the limitations associated with existing security approaches and enables the protection of the three major components; people, policy and technology.