Ashish Kr. Luhach,Sanjay K Dwivedi,C K Jha

DOI: https://doi.org/10.48550/arXiv.1407.2421

2014-07-09

Cryptography and Security

Abstract:Rapid evolution of information technology has contributed to the evolution of more sophisticated E- commerce system with the better transaction time and protection. The currently used E-commerce models lack in quality properties such as logical security because of their poor designing and to face the highly equipped and trained intruders. This editorial proposed a security framework for small and medium sized E-commerce, based on service oriented architecture and gives an analysis of the eminent security attacks which can be averted. The proposed security framework will be implemented and validated on an open source E-commerce, and the results achieved so far are also presented.

Di Wu,Yabo Dong,Jian Lin,Miaoliang Zhu

DOI: https://doi.org/10.1007/11563952_52

2005-01-01

Abstract:The fast development of E-Commerce and information technology brings much higher requirements for enterprise informationization. Because of the differences in platforms, development languages and standards etc, enterprise application integration (EAI) has become the important form of enterprise informationization to support complex business processes. Web services have emerged as the next generation of integration technology which provides the power to support interoperability. However EAI doesn’t just present new interoperability challenges; it also presents serious privacy and security challenges. This paper presents security architecture of Web Services based EAI which uses distributed Single Sign On authentication and distributed Role-based Access Control authorization. The basic concept and prototype system of the security architecture are described in detail.

Guoning Lv,Min Gao,Xiaoyu Ji

DOI: https://doi.org/10.1007/978-3-319-42291-6_60

2016-01-01

Abstract:Nowadays the logistics system has become an indispensable element for economic commerce activities, while information security is an important foundation in ensuring the development of electronic commerce logistics system. The purpose of this paper is to investigate the role of information security in electronic commerce logistics system. In that regard, an information security model is developed to protect the electronic commerce logistics system.

Zhang Xiao-Guang,Li Jing-Song,Zhou Tian-Shu,Yang Yi-Bing,Chen Yun-Qi,Xue Wan-Guo,Zhao Jun-Ping

DOI: https://doi.org/10.1109/ITIME.2009.5236236

2009-01-01

Abstract:Interoperability among healthcare information systems is one of the most challenging problems in healthcare domain. In this paper, we propose a structure of Interoperable Medical Information System based on SOA (Service-Oriented Architecture) and Web 2.0 under the framework of Regional Health Information Network. Various components are described in detail, including authentication, data access, and services management and so on. Services for medical information getting are registered and published by the system; users then access the system to search and fetch demanded services and value-added applications. All of the heterogeneous and distributed data and applications are converted to independent services according to international standards. As a result of the use of SOA, the system is levels clearly demarcated with good universality and maintainability.

Bambang Sugiantoro,Muhammad Anshari,Danang Sudrajat

DOI: https://doi.org/10.1088/1742-6596/1566/1/012020

2020-06-01

Journal of Physics: Conference Series

Abstract:Abstract Software development usually follows the stages known as the Software Development Life Cycle (SDLC). Development begins with the requirements phase and then continues with the design, development of test plans, implementation (coding), testing, and deployment. However, the security aspect has not been explicitly reflected in SDLC. In fact security must be present at every stage of the SDLC. Application of security in the process of developing software, especially e-Commerce, one of which uses the Security Development Lifecycle-Agile (SDL-Agile) method. The advantage of the SDL-Agile method is the application development process which incorporates a safety factor in each application development process, which is concise, and emphasizes user satisfaction. This objective of this paper examine the deployment of SDL Agile Method for eCommerce website to measure its confidentiality, integrity, and availability of the systems.

Bin Xu,Xiaohu Yang,Yuanhong Shen,Shanping Li,Albert Ma

DOI: https://doi.org/10.1109/cts.2008.4543958

2008-01-01

Abstract:Software architecture is the backbone of a software- intensive system, many architecture models and styles are struggling to make the artifacts more understandable and reusable. Service-oriented programming is proposed to support reusing and enhancing distributed system development and a service-oriented architecture is essentially a collection of services which communicate with each other. However, the practitioners face the trouble in defining the services and identifying the communication request between all the services. Here in this paper, we adopted a role based architecture model named E-CARGO to facilitate the service definition and communication request identifying. An experience was conducted in prototyping a community support system and E-CARGO model was extended with data and authority access in the case study. The case study indicated that the suggested model could facilitate communication request identifying and service definition and could be helpful in identifying the authority control request during role shifting.

Anirban Bhowmik,Sunil Karforma

DOI: https://doi.org/10.1007/s10660-021-09477-w

2021-04-10

Electronic Commerce Research

Abstract:Electronic commerce is the buying and selling of goods and services, or the funds transfer between independent organizations and/or persons over an electronic wireless network, primarily the Internet. It focuses on the use of ICT to enable the external activities and relationship among the business and individuals, groups and other business. These business transactions occur in many formats such as business-to-business, business-to-consumer, consumer-to-consumer or consumer-to-business. It is the one type of trading in products or services using wireless networks like Internet or online social media networks etc. Here the computers, telephones, fax machines, barcode readers, credit cards, debit cards, ATM etc. are used for conducting business in e-commerce system. E-commerce includes the activities such as order entry, transaction processing, online payment, authentication, order fulfillment, inventory control, shipment, and customer support. At present most of the people are participating in e-commerce. In E-commerce system privacy and security of user's information is the most crucial issue at present. Electronic record related to organization or person is sensitive in nature so, it is very significant to impose an advanced security protocol, technical solutions in the system. E-commerce security is the protection of e-commerce assets from unauthorized access, use, alteration, or destruction. In this paper we have focused on security issue like technical safeguards for e-commerce. Our technique proposes an LFSR, pell's method and Linear congruence based security model for data security in e-commerce. Here two types of keys i.e., intermediate key, session key are used for encryption-decryption and authentication purpose. This new approach of key generation provides extra robustness in our technique. The different types of experiments on this technique and their results conforms that our technique is very secure and efficient for e-business, e-commerce.

management,business

li zhang,gang zhang

DOI: https://doi.org/10.4028/www.scientific.net/AEF.4.172

2012-01-01

Abstract:SOA has been the effective technical solution to enterprise application integration and business process rebuilding. The paper presents a reference implementation scheme of Commercial Bank Card System based on SOA. In requirement tier, the implementation plan first establishes the full concept model and logical model of Commercial Bank Card System from business request(business use case-business step-atomic business) to system request (system use case-system step-atomic component), then in semantics tier, we give out full description of the model through the combination of OWL and BPEL. At last a SOA's three-tier framework of "requirement-semantics-service" has been built for the Commercial Band Card System.

Oldooz Karimi

DOI: https://doi.org/10.48550/arXiv.1108.1314

2011-08-05

Abstract:In this article, we examine how security applies to Service Oriented Architecture (SOA). Before we discuss security for SOA, lets take a step back and examine what SOA is. SOA is an architectural approach which involves applications being exposed as "services". Originally, services in SOA were associated with a stack of technologies which included SOAP, WSDL, and UDDI. This article addresses the defects of traditional enterprise application integration by combining service oriented-architecture and web service technology. Application integration is then simplified to development and integration of services to tackle connectivity of isomerous enterprise application integration, security, loose coupling between systems and process refactoring and optimization.

Software Engineering

Debajyoti Mukhopadhyay,Sangeeta Mishra

DOI: https://doi.org/10.48550/arXiv.1102.0706

2011-02-03

Computers and Society

Abstract:E-commerce is an emerging technology. Impact of this new technology is getting clearer with time and results are tangible to the user community. In this paper we have tried to focus some of its issues like paradigms, infrastructure integration, and security, which is considered to be the most important issue in E-Commerce. At first we have elaborated the paradigms of E-Commerce (Business-to-Business and Business-to-Consumer). Then comes the necessity of infrastructure integration with the legacy system. Security concerns comes next. Rest of the part contains conclusion and references.

Raju Barskar,Anjana Jayant Deen,Jyoti Bharti,Gulfishan Firdose Ahmed

DOI: https://doi.org/10.48550/arXiv.1005.4266

2010-05-24

Cryptography and Security

Abstract:E-Commerce offers the banking industry great opportunity, but also creates a set of new risks and vulnerability such as security threats. Information security, therefore, is an essential management and technical requirement for any efficient and effective Payment transaction activities over the internet. Still, its definition is a complex endeavor due to the constant technological and business change and requires a coordinated match of algorithm and technical solutions. Ecommerce is not appropriate to all business transactions and, within e-commerce there is no one technology that can or should be appropriate to all requirements. E-commerce is not a new phenomenon; electronic markets, electronic data interchange and customer e-commerce. The use of electronic data interchanges as a universal and non-proprietary way of doing business. Through the electronic transaction the security is the most important phenomena to enhance the banking transaction security via payment transaction.

Zhiqiang Nie

DOI: https://doi.org/10.1109/ICACTE.2010.5579578

2010-09-20

Abstract:To achieve the goal of e-commerce of Linyi Mall, this paper proposes an SaaS-based online mall trusted platform architecture. Platform uses SOA technology. Business lease e-commerce services required through the Internet to the online mall platform. This paper also studied the customer data security and credibility in the SaaS platform. Platform uses access control technology and information encryption technology to achieve effective management of customer permissions and their data privacy protection, while supporting the efficient running of the system.

Computer Science

Hua Zheng,Lin Liu,Ying Li

DOI: https://doi.org/10.4304/jsw.4.1.50-57

2009-01-01

Abstract:The rapid development of E-Commerce not only generate huge amount of business opportunities but also raises a new question to the supporting platform of E-Commerce. Nowadays, E-commerce platform design is one of the hot spot of E-commerce research. The traditional 3-layered E- commerce platform can’t meet the requirement of today’s E-commerce application which is more complicated than before[1]. The most significant disadvantage of today’s platform is that it can not let clients share the commercial data in terms of their need and the platform is not in a form of a whole assembled software or webpage package reflecting various kinds of need of the customer or providing solutions for each specific customer request. This paper firstly use the use case diagram to analyze requirement of the third party E-commerce platform and then gives a SOA based solution called IFTPEC in which information integration ability is assembled. Then the paper analyzes its architecture and supporting environment and discusses its information fusion model. Finally it’s working framework and key technologies are presented. The implementation of the system can resolve these two questions and provides effective support for integration and operation for the complicated and dynamic E-commerce mode.

han zhang,gerald weber,william zhu,clark thomborson

DOI: https://doi.org/10.1109/ICCIAS.2006.295321

2006-01-01

Abstract:We develop a new formalism for the security analysis of business logic. Our formalism can be applied to business logic in its early design stages, after the implementation is complete, or at any intermediate time. We illustrate the use of our formalism in a case study based on an initial design for a B2B e-payment system. Our analysis successfully identifies an operational risk for the trusted intermediate party.

Jag,Pathak,Cff

Abstract:The categories of e-commerce, like Business-to-Business (B2B), Business-to-Customers (B2C) and mobile Commerce (m-Commerce) makes use of core technologies different from each other (Salazar et al, 2003; Maxey, 2001) however, the common factor remains unchanged from the auditors' perception, i.e. risk and its potential to harm the integrity and accuracy of the data and decisions based on such data. E-commerce has begun in its varied facets. As an auditor, one may have to audit them. My effort is to identify the risks and show their impact on the assurance of the information system of any organization. AICPA/CICA (Cashell & Aldhizer III, 1999; Primoff, 1998) has jointly offered seal of assurance at web level and system level. The limitations of these certifications are equally important for an auditor as the objectives and the perceptions of these approval auditors are limited to their respective goals established by these accounting bodies. But, the role and functions of an auditor are beyond those of the assurance approval auditors. The organizational decision making processes are dependent on various segments of information bases whereas these assurance providers audit a limited amount related to their interest. This conceptual paper attempts to show why an auditor is expected to provide a much higher level of assurance to the organizational executives amidst a plethora of risks faced by their information and databases and accordingly a framework is provided for auditors to be implemented in the cyber entities under their review.

Computer Science,Business

Kezhong Liu,Juan Ma,Chunhui Zhou,Y. Wen

DOI: https://doi.org/10.1109/ISBIM.2008.168

2008-12-19

Abstract:With the rapid development of e-commerce, security issues are arising from people's attention. The security of the transaction is the core and key issues of the development of e-commerce. This paper about the security issues of e-commerce activities put forward solution strategy from two aspects that are technology and system, so as to improve the environment for the development of E-commerce and promote the further development of E-commerce.

Computer Science,Business

Xiao Yu,Yueting Chai,Yi Liu

DOI: https://doi.org/10.1109/ISECS.2009.184

2009-01-01

Abstract:With the rapid development of e-commerce, electronic contracts are not secure enough for both businessmen and government, due to the absence of authentication, integrality, non-repudiation, uniform specification and centralized management. We propose that e-contract should involve digital signature as its primary element, and the E-Contract Record Center should be introduced into the management of e-contract. In this paper, we present a model for electronic contract enactment, monitoring and management based on the security view. Additional, a framework for e-contract management is presented with the purpose of regularizing the e-commerce market, protecting businessmen’s right and interests, and facilitating governmental monitoring of the e-commerce market, where we define a lifecycle of e-contract and recounted the establishment process of e-contract. Finally, we present implement architecture for the model and framework given above, which give the service and module design of two systems: e-contract system and ECRC system.

Mujeeb-ur- Rehman Jamali,Shahmurad Chandio,Nadeem Ahmed Kanasro

DOI: https://doi.org/10.21015/vtse.v11i1.1391

2023-03-26

VFAST Transactions on Software Engineering

Abstract:E-commerce and mobile commerce are two new business methodologies that utilize the cloud. A new technology called cloud computing uses the Internet to process and store data from a network of distant computers that are dispersed around the globe. Any online transaction must have security as a necessary component. Therefore, one of the main issues with the cloud is security. If electronic commerce's security is breached, customers can lose trust in it. An unauthorized individual should not have access to or be able to intercept a customer's personal information while it is being transmitted. Data integrity is a major problem since personal information shouldn't be changed before, during, or even after it is at rest on the network. The suggested solution ensures the protection of personal data and the avoidance of security problems. We have developed a solution in this study to address issues with privacy, confidentiality, and the integrity of data stored in the cloud, among other security-related issues. The suggested method employs over-encryption that is double encryption, to avoid the various security issues. It can be inferred from the results that ECC (secp256r1) utilised less time for encryption operation as compared to others asymmetric algorithms with small dispersion from means and recorded results behaviour of data is consistent because data point tends to be very close, Decryption operation ElGamal during of time was smaller than ECC and RSA with small consistent behaviour.

E. S. Soegoto,A. Suripto

DOI: https://doi.org/10.1088/1757-899X/407/1/012008

2018-09-26

IOP Conference Series: Materials Science and Engineering

Abstract:This paper involves designing an E-commerce Information system on one of Web-based online shopping. This business classified as a very new stand and join the world of e-commerce. Web-based e-commerce becomes the choice of other media to promote the business, which is expected to be able to expand the media and promotion get a bigger profit from that expected. The method used in this journal was development of prototype system and system approach structured with flow map tools, context diagrams and data flow diagram, data dictionary, table relation. E-commerce information system on one of the online shop in this design will facilitate the admin in data processing, bookkeeping, and media campaigns and facilitate consumers in choosing products from Echtalia shop. With the existence of this system improve the efficiency of time both for consumer and party of Echtalia shop.

Business,Physics,Computer Science

Beibei Shao

2009-01-01

Abstract:The service-oriented architecture (SOA),which is utilized for application system integration for group enterprises, can adapt to the heterogeneous and distributed features of the systems, but has problems that challenge the system security. A cross-domain access control scheme is presented for enterprise applications to resolve the SOA security problems. The core idea is to build a uniform agent-based authentication and authorization system based on the conventional SOA implement model, which achieves shared management and access control of the service resources on the enterprise service bus (ESB) to ensure safe, reliable access across the security domains. This scheme enhances the syetem security, scalability and alterability in the informatization construction of large group enterprises.