Guoning Lv,Min Gao,Xiaoyu Ji

DOI: https://doi.org/10.1007/978-3-319-42291-6_60

2016-01-01

Abstract:Nowadays the logistics system has become an indispensable element for economic commerce activities, while information security is an important foundation in ensuring the development of electronic commerce logistics system. The purpose of this paper is to investigate the role of information security in electronic commerce logistics system. In that regard, an information security model is developed to protect the electronic commerce logistics system.

Shilong Jiang,Chen Zhang,Bin Huang

DOI: https://doi.org/10.4028/www.scientific.net/AMR.756-759.3039

2013-09-01

Abstract:Online payment is apparently the key for the online transactions, so its security issue becomes the center of focus in the e-commerce development. In China, however, the information leakage, transaction fraud and other security issues have occurred so frequently that they have severely affected the customer confidence, and have become one of the major blockages in the e-commerce development. This article intends to have an in depth discussion of online payment security issues, examining current situations and problems in security technology, corporate social responsibility, and also propose appropriate strategic recommendations.

Computer Science,Business

Anne James,Waleed Bul’ajoul,Yahaya Isah Shehu,Yinsheng Li,Godwin Attah Obande

DOI: https://doi.org/10.1049/pbse001e_ch6

2018-01-01

Abstract:The advantages of economic growth and increasing ease of operation afforded by e-business and e-commerce developments are unfortunately matched by growth in cyberattacks. This chapter outlines the common attacks faced by e-business and describes the defenses that can be used against them. It also reviews the development of newer security defense methods. These are (1) biometrics for authentication, (2) parallel processing to increase power and speed of defenses, (3) data mining and machine learning to identify attacks, (4) peer-to-peer security using blockchains, (5) enterprise security modeling and security as a service, and (6) user education and engagement. The review finds overall that one of the most prevalent dangers is social engineering in the form of phishing attacks. Recommended counteractions include education and training, and the development of new machine learning and data sharing approaches so that attacks can be quickly discovered and mitigated.

Stanislav Dakov,Anna Malinova

DOI: https://doi.org/10.12955/pns.v2.135

2021-10-24

Proceedings of CBU in Natural Sciences and ICT

Abstract:E-commerce security is part of the Web security problems that arise in all business information systems that operate over the Internet. However, in e-commerce security, the dimensions of web security – secrecy, integrity, and availability-are focused on protecting the consumer’s and e-store site’s assets from unauthorized access, use, alteration, or destruction. The paper presents an overview of the recent security issues in e-commerce applications and the usual points the attacker can target, such as the client (data, session, identity); the client computer; the network connection between the client and the webserver; the web server; third party software vendors. Discussed are effective approaches and tools used to address different e-commerce security threats. Special attention is paid to Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), phishing attacks, SQL injection, Man-in-the-middle, bots, denial-of-service, encryption, firewalls, SSL digital signatures, security certificates, PCI compliance. The research outlines and suggests many security solutions and best practices.

Kezhong Liu,Juan Ma,Chunhui Zhou,Y. Wen

DOI: https://doi.org/10.1109/ISBIM.2008.168

2008-12-19

Abstract:With the rapid development of e-commerce, security issues are arising from people's attention. The security of the transaction is the core and key issues of the development of e-commerce. This paper about the security issues of e-commerce activities put forward solution strategy from two aspects that are technology and system, so as to improve the environment for the development of E-commerce and promote the further development of E-commerce.

Computer Science,Business

Akash Bhardwaj

Abstract:the ideas, Trust, Risk, Privacy and Security, are broadly utilized in different investigations done by numerous controls, and they are frequently mistakenly allowed to nearly as equivalent words. The point is to clear up the ideas from the buyer perspective in internet business. The discoveries of our subjective examination recommend a few connections between the four ideas and fills in as building obstructs for further research. Electronic business has expanded significantly as of late, as a result of the transformation in data innovation. The administrations given by online business organizations could be influenced by a few factors, for example, protection, security, trusts and saw dangers. In this paper, we propose a fundamental hypothetical model that researches the connection between protection, security concerns, and saw dangers, and how it would identify with clients' dimension of trust in internet business. An overview that includes 100 members has been directed and broke down testing various theories concentrated on concentrate the qualities of each factor, and its impact on the apparent dangers related with startling circumstances. The aftereffects of this examination think about demonstrate that a positive relationship exists between the apparent dangers and a portion of the security properties, for example, control and notice. A positive relationship additionally exists between the apparent dangers and a portion of the security traits, for example, privately and uprightness. Further, the investigation exhibits a positive connection between saw dangers and clients' dimension of trust.

Computer Science,Business

William Song,Deren Chen,Jen-Yao Chung

DOI: https://doi.org/10.1007/978-3-540-30209-4_16

2004-01-01

Abstract:E-commerce development and applications have been bringing the Internet to business and marketing and reforming our current business styles and processes. As Business to Business (B2B) has been a main stream of the e-commerce activities for a decade, business to customer (B2C) is still a new area to explore. Among the business to customer activities, a strong impact is security, i.e., how to protect secrets of various parties in business transactions. Different security methods apply to different businesses and meet different customers' needs. The methods with low cost and easy to implement may be less secure, whereas the methods providing high level security can be unaffordable to many small enterprises and individuals. In particular, people, while browsing or surfing on the Web, wish to pay a very small amount and "buy" (perhaps just download) an interesting item from the Web. The "click-and-pay" or "click-and-buy" does not require high security protection and should be convenient to use (buy and pay). Micro-payment issue emerges from the context to meet the need of applicability of low secure and cost in e-purchase. Payments of small amounts may enable many exciting applications on the Internet, such as selling information, small software and services. Users are willing to pay a small amount of money for the information, software and services. While the payment is small, expensive security protection is unnecessary. What users require may include negligible delay, rapid click-through, and automatic billing. Micro-payment is a service intensive activity, where many payment tasks involve different forms of services, such as payment method selection for buyers, security support software, product price comparison, etc. In this paper, we intend to investigate and analyze various aspects of micro-payment system using the web service technology. We will discuss business patterns for micro-payment systems using Web Services approaches.

张峰,秦志光,刘锦德,张险峰

DOI: https://doi.org/10.3969/j.issn.1002-137X.2002.11.032

2002-01-01

Computer Science

Abstract:Electronic commerce operates relying on the open Internet. Security architecture for e-commerce becomes the key point to its use prosperously. A finite automation of typical e-commerce model is presented in this paper. The finite automation simulates typical trade system, describes its states transition and supplies a theory basis for designing security architecture for e-commerce. Then security threats and corresponding solutions to the model are discussed. Finally, the security architecture for e-commerce is given. All of them are used as basis for further e-commerce security research.

Debajyoti Mukhopadhyay,Sangeeta Mishra

DOI: https://doi.org/10.48550/arXiv.1102.0706

2011-02-03

Computers and Society

Abstract:E-commerce is an emerging technology. Impact of this new technology is getting clearer with time and results are tangible to the user community. In this paper we have tried to focus some of its issues like paradigms, infrastructure integration, and security, which is considered to be the most important issue in E-Commerce. At first we have elaborated the paradigms of E-Commerce (Business-to-Business and Business-to-Consumer). Then comes the necessity of infrastructure integration with the legacy system. Security concerns comes next. Rest of the part contains conclusion and references.

Ban WU,Jun-sheng WU

DOI: https://doi.org/10.3969/j.issn.1671-654X.2006.02.020

2006-01-01

Abstract:With their powerful functions of communications security,anti-forgery,anti-revision and anti-irrecognition,encryption and discrimination have emerged as the key techniques for the security system of e-commerce.This paper works out a complete set of solutions for the security of e-commerce, based on researches in DES of the symmetrical secret key encryption system,RSA of the non-symmetrical secret key encryption system and SHA of literature.

George S. Oreku,Jianzhong Li,Fredrick J. Mtenzi

DOI: https://doi.org/10.1504/ijitst.2009.023903

2009-01-01

International Journal of Internet Technology and Secured Transactions

Abstract:Traditional access control a.k.a. authorisation for e commerce systems is not flexible and efficient enough to combat the new emerging security challenges and public remains concerned about the security of online transactions as can be seen from http://www.security-survey.gov.uk. Challenges like changes in consumer's behaviour, advances in broadband technology, industrial maturity and entropy converging to usher in a new era of e-commerce security. The authors' proposed framework provides trust transformation rules which have associated conditions for authorisations to control access. The introduction of trust method formalises the conditions within logical perspective. The authors aim to build the architecture and trust model for trust and authorisation within an e-commerce service system. The architecture will help to build a secure e-commerce service system. The underlying framework will not only inform researchers of a better design for secure e-commerce service, but also assist e-commerce systems developers in the understanding of intricate constructions within trust and authorisation. This includes protecting transactions records of customers in terms of information privacy and access. The authors also propose rigorous logical foundation for trust and authorisation in e-commerce service environments based on ABLP.

Xiang Liu,Sayed Fayaz Ahmad,Muhammad Khalid Anser,Jingying Ke,Muhammad Irshad,Jabbar Ul-Haq,Shujaat Abbas

DOI: https://doi.org/10.3389/fpsyg.2022.927398

2022-10-19

Abstract:This study explores the challenge of cyber security threats that e-commerce technology and business are facing. Technology applications for e-commerce are attracting attention from both academia and industry. It has made what was not possible before for the business community and consumers. But it did not come all alone but has brought some challenges, and cyber security challenge is one of them. Cyber security concerns have many forms, but this study focuses on social engineering, denial of services, malware, and attacks on personal data. Firms worldwide spend a lot on addressing cybersecurity issues, which grow each year. However, it seems complicated to overcome the challenge because the attackers continuously search for new vulnerabilities in humans, organizations, and technology. This paper is based on the conceptual analysis of social engineering, denial of services, malware, and attacks on personal data. We argue that implementing modern technology for e-commerce and cybersecurity issues is a never-ending game of cat and mouse. To reduce risks, reliable technology is needed, training of employees and consumer is necessary for using the technology, and a strong policy and regulation is needed at the firm and governmental level.

Xin Wang,Yachao Jia,Lei Guo

DOI: https://doi.org/10.1109/icitbs.2015.198

2015-01-01

Abstract:In this paper, the necessity of building e-commerce environment security system is analyzed in detail, and that the construction of electronic business environment security is not only beneficial to the electronic commerce itself, but also to provide consumers with more excellent consumer environment. Followed by the construction of the security of e-commerce environment was AHP analysis, come to computer technology play a major role in the security of e-commerce environment, as well as e-commerce system to assess the level of risk assessments.

Wang Haoyu

DOI: https://doi.org/10.1109/iccis.2012.213

2012-01-01

Abstract:There has been increasing challenges in the effective structure of crucial information for effectual information security, personal privacy and data protection. Especially, when in an age of e-commerce, risks and threats from e-commerce transaction have been keeping rising up. Both new ways of cyber information security and security breach, which have affected people's life in some particular aspects, are stated and renewed all the time. Because of the specific characteristics of carrying out online transaction, data transition plays a very heavy role in personal information security, and also, it incurs security breaches.

Ashish Kr. Luhach,Sanjay K Dwivedi,C K Jha

DOI: https://doi.org/10.48550/arXiv.1407.2421

2014-07-09

Cryptography and Security

Abstract:Rapid evolution of information technology has contributed to the evolution of more sophisticated E- commerce system with the better transaction time and protection. The currently used E-commerce models lack in quality properties such as logical security because of their poor designing and to face the highly equipped and trained intruders. This editorial proposed a security framework for small and medium sized E-commerce, based on service oriented architecture and gives an analysis of the eminent security attacks which can be averted. The proposed security framework will be implemented and validated on an open source E-commerce, and the results achieved so far are also presented.

Wei Pan,Weihua Li

DOI: https://doi.org/10.1109/ICMeCG.2009.111

2009-01-01

Abstract:E-Commerce systems are suffering more and more security issues. Vulnerabilities of authentication systems are revealed when various attacks and malicious abuses are developed and deployed to violate security of system and information. To improve the ability to defend authentication system against invasion and abuse, a novel penetration testing method for E-Commerce authentication system is proposed to scrutinize the vulnerabilities of e-Commerce authentication system and evaluate severity level of potential vulnerabilities. The penetration testing method is an active vulnerability analysis and verification method that can mimic active attacks and perform exploitations by constructing effective and concise penetration testing cases. Through analyzing dynamic taint propagation, the presented method can determine feasibility of the attacks and evaluate security of authentication system. The experiment demonstrates the proposed method can serve as a viable and effective candidate for security detection of authentication system.

Shiyu Wang

DOI: https://doi.org/10.1088/1742-6596/1915/4/042044

2021-05-01

Journal of Physics: Conference Series

Abstract:Abstract With the rapid development of economy, e-commerce has become a part of people’s life, which has changed people’s way of life. Taobao, Jingdong and other B2B, B2C, C2C trading platforms have changed the traditional way of shopping, which can meet the consumption needs of modern people. Therefore, the 21st century has entered the era of e-commerce. At present, there are many hidden dangers on the Internet, such as stealing information, tampering with information, counterfeiting and so on, which will seriously damage the property security of Internet users. However, e-commerce is inseparable from the Internet, which requires us to continuously strengthen computer security technology (hereinafter referred to as CST). Computer network security has become a key issue of e-commerce, which requires us to constantly improve information security and anti-counterfeiting. Therefore, we have applied a variety of computer security technologies in e-commerce, such as digital signature, firewall, VIP and so on. First of all, this paper analyzes the role of CST in e-commerce. Then, this paper puts forward some problems. Finally, this paper puts forward the CST applied in ecommerce.

Sm Wang,R Tao,Y Wang

DOI: https://doi.org/10.1109/CACWD.2004.1349102

2004-01-01

Abstract:It comes to the information society, Internet is one of the biggest push issue to the transform. Key aspects were the increased availability of computer networks and the trend towards teamwork. So comes out the CSCW technique. EC is one of the typical uses of CSCW so the paper introduces the basic conception of CSCW and EC, and then gives the secure analysis to EC, emphasis on the techniques of it. Then the paper gives a detailed analysis on mobile EC, it the tendency of EC, gives out the PKI and other techniques used in mobile EC to solve the secure problems.

Kuo-Sui Lin

DOI: https://doi.org/10.11648/j.ajomis.20170201.12

2017-01-04

Abstract:Over the past decade, e-commerce creates exciting new opportunities for business but also brings new web application vulnerabilities and transaction security risks. A stream of news of phishing attacks, website spoofing, payment card skimming (credit /debit cards), fraud in online transactions, malware attack (malicious code attack of viruses, worms, Trojans, and bots), hacker/cracker infiltration, vandalism, identity theft and data breaches of payment card or bank details are increasingly reported. Web application security risk management, therefore, is essential for secure e-commerce online transactions, including order processing, payment transaction, banking and clearing processing. Therefore, the main purpose of this study was to propose a web application security risk management methodology to perform e-commerce web application security risk management, helping organizations understand and improve their e-commerce web application security risks. In order to achieve this purpose, the goal of this study has been two-fold: (1) How will organizations measure threat likelihood, impact consequence and severity of their e-commerce web application security risk? (2) What management methodology is required to prompt the e-commerce web application security vulnerabilities measurement and improvement? Using OWASP Top Ten Vulnerabilities as target items, the proposed management methodology is disciplined in a PDCA based ISO/IEC 27005 iterative process activities, integrating Common Criteria attack potential ratings as threat likelihood scales and the FIPS 199 impact categories as impact consequence scales to categorize severity of every e-commerce web application vulnerabilities. Following the proposed management procedure, all the critical e-commerce web application vulnerabilities can be reviewed, analyzed, prioritized and remedied effectively and efficiently, moving on again in a continuous cycle.

Computer Science,Business

Raju Barskar,Anjana Jayant Deen,Jyoti Bharti,Gulfishan Firdose Ahmed

DOI: https://doi.org/10.48550/arXiv.1005.4266

2010-05-24

Cryptography and Security

Abstract:E-Commerce offers the banking industry great opportunity, but also creates a set of new risks and vulnerability such as security threats. Information security, therefore, is an essential management and technical requirement for any efficient and effective Payment transaction activities over the internet. Still, its definition is a complex endeavor due to the constant technological and business change and requires a coordinated match of algorithm and technical solutions. Ecommerce is not appropriate to all business transactions and, within e-commerce there is no one technology that can or should be appropriate to all requirements. E-commerce is not a new phenomenon; electronic markets, electronic data interchange and customer e-commerce. The use of electronic data interchanges as a universal and non-proprietary way of doing business. Through the electronic transaction the security is the most important phenomena to enhance the banking transaction security via payment transaction.