A Systematic Literature Review on Security Indicators for Open-Source Enterprise Resource Planning Software

Authors: Jane Wanjiru Njuki, Geoffrey Muchiri Muketha, John Gichuki Ndia
Year of publication: 2022
Source: International Journal of Software Engineering & Applications. 13:27-38
ISSN: 0976-2221
DOI: 10.5121/ijsea.2022.13303
Description: Open-source enterprise resource planning (ERP) software has become a preferred alternative for modern organizations due to its affordable cost, availability and ease of access. Open-source software allows access to customizable code which in most instances may have security loopholes due to the nature of its releases. The study is motivated by the need for accountability and security assurance by stakeholders and the need for justification of investments towards information security. The objective was to analyse security indicators for open-source resource planning software. Papers and journals published between 2017 and 2021 from IEEE, ACM, Springer, arXiv, Wiley Online Library and EBSCO were reviewed. Out of the publications generated through the Google search, 62 publications were selected by reading the title, abstract, introduction and full text. Results indicate un-updated software, full access rights, inadequate training, failure to comply, single authentication and unauthorized software as some of the factors that indicate open-source enterprise resource planning software security. In conclusion, the effectiveness of mitigation measures to address these factors shows security or insecurity. Notably, there is a need to institute security control measures and metrics for the identified factors to help assess the security posture of enterprises during ERP software implementation. We recommend the design of a security measurement framework and the definition of a metrics suite for assessing open-source ERP software security.
Database: OpenAIRE