One of the main challenges that modern Information Systems are dealing with is the protection of security for both the external users that take advantage of the various services offered as well as the stakeholders and internal users. Security is dealt in every level of system development from the analysis stage through the implementation and testing stages. In every stage a number of methods and techniques have been proposed trying to fulfill the basic security concerns namely confidentiality, integrity and availability