In an emerging economy like Nigeria, internet-based businesses are growing at an exponential rate but this growth is highly threatened by many instances of fraud and e-systems' compromise. While a lot of research work has been done on how to secure e-commerce transaction protocols, improve cryptographic schemes and amend the technical and business issues in e-commerce, the area of mitigating security challenges by incorporating security modules at design time has not been thoroughly explored. Hence, in this paper we present a framework for e-commerce security with a focus on four security design countermeasures models; Authentication, Authorization, enforcement of Access Control and Protection of Transaction privacy. The proposed framework which enhances National Institutes for Standards and Technology (NIST) security model, ensures that adequate security measures are incorporated in an e-commerce system at design time. The framework also ensures designing of secured ecommerce systems which are devoid of the expensive cost implication of system development life cycle incurred by security defects in the system testing phase which traces back to design shortfalls. For the purpose of this research work, we evaluate features called Malicious Attack Enablers (MAE) which aid malicious attack to thrive. The proposed framework will, therefore, aim at securing e-systems against these MAEs while satisfying legitimate user requirements. We assert the competence of our proposed framework by incorporating our security models into a SET enabled existing e-commerce system design, which will illustrate the effectiveness of our framework at the design phase as opposed to waiting till the testing phase. So we show that our new framework will unscramble the design of cost-effective e-commerce systems with curbed security vulnerabilities while contributing to the improvement of e-commerce security standards.