Thesis on e-commerce security

Therry, , p4. According to Collis, D. Ravichandran and C. Figure 3. In his research A. Raverini , p. According to the framework presented by Turban Turban et al. From this framework, this study will focus on the security of e-payment systems because it is the core of the electronic commerce capability which allows the concretization of the transaction. Another implication of choosing e-payment systems as the prime focus of this research is that it is not easy to talk about electronic payment systems that use IT capabilities (systems, software, and human) without looking at the way online transactions are to be secured in order to enable effective e-commerce development.

That is why this particular aspect of the IT capabilities of e-payment systems, namely the security of the online payment system, is the focus of this research about e-commerce capabilities readiness in DRC. In the bank sector, this research will focus on the following payment systems: the online banking payment system, and the local private and internationally well-known bank cards provided by local commercial banks.

It must be understood that, in the scope of this research, some local banks are using well-known international cards such as Visa and MasterCard, which are used worldwide as online and offline payment systems and therefore provide some confidence to the user because of their brand name recognition and the existence of payment systems installed at the banks and shops. This study will also assess the security readiness of the e-payment systems and any other online payment system proposed by local commercial banks in order to leverage them for an effective e-payment system for the development of e-commerce in DRC.

Also, as stated previously in this section, with the advent of mobile networks and GSM operators providing money transfer facilities via mobile phone handsets, a new e-payment system has been born in the country which is of great interest for e-commerce development: mobile payment, which is described below.

The development of mobile networks opens an opportunity for mobile operators to provide money transfer and payment system facilities using the available communication credit loaded onto the SIM card. Mobile phone users can then, as with a stored-value card, store money as telecommunication credit in their mobile phone, which can be used to pay for goods and services from merchants participating as partners of mobile operators.

In DRC, some mobile operators are working with banks to link m-payment accounts to real bank accounts. This payment system is used to pay salaries for public administration staff in areas without banking facilities. Because this activity is not developed by the government, regulation is the main concern for this payment system. However, in this study, as for the other e-payment systems described in the research, the security of the m-payment system will be assessed for its effective participation in e-commerce transactions.

E-commerce, as defined earlier in this work, embeds new processes which require the necessary physical IT infrastructure and managerial and organizational capabilities in order to succeed. All definitions of e-commerce show its dependency on information system infrastructure and processes to conduct business activities online. There is an evident relationship between e-commerce capabilities and IS infrastructure Kevin Zhu, Weill and M. E-payment systems will use IT infrastructure to enable processing of payment transactions.

There are many capabilities required and needed to implement an effective e-commerce business, among which most important are:. Laudon, and Anthony Tarantino, Tarantino, opcit, p According to ISO , there are three fundamental attributes of an information asset (data representing a value for an organization): confidentiality, availability and integrity, which can be impacted by risks from a wide range of threats: fraud or criminal activity, system failure, user errors, etc A.

Tarantino, , p Confidentiality - ensuring that information is accessible only to those authorized to have access to it. Integrity - safeguarding the accuracy and completeness of information and processing methods. The greatest worry of e-commerce users is that their personal information, especially credit card numbers and bank account details, can be stolen while carrying out an online transaction or from the server of the company running the online business.

According to Timothy P. Figure 5: Level of acceptable security for e-commerce Source: Gary Schneider, , p The most important point in security policy development is to make sure that answers can be provided to the following questions:

  • Who is allowed to connect to and access the site?
  • Who or what causes a specific event to occur on the system, and when does it happen?

These fundamental questions will be the drivers for an effective security policy implementation for an e-commerce information system. This research considers computer security in the context of all kinds of threats an information system can face that are able to destroy, abuse or corrupt the information: unauthorized access, use, modification or deletion of information.


Gary Schneider, , p In today's computer use, the big threat comes from hackers or crackers, who are able to break the security of an information system and gain unauthorized access to computers or servers to steal information or damage the system. Client computers (laptop and desktop) or wireless devices are used to connect to the internet in order to participate in e-commerce.

These client machines or devices must be protected against threats or harmful programs contained in web sites. This section gives an overview of web site contents which represent a threat to client computers, such as cookies, web bugs, active content, Java applets, JavaScript, ActiveX controls, graphics or plug-ins, viruses and worms. In the context of security, the definition that best describes a cookie is provided by Turban Turban et al.

This definition states clearly that a cookie is like a spy who observes the user's online activity, and is therefore susceptible to illegal activity on a client machine. For e-commerce, the web server's cookies store useful information about user activity, such as shopping cart information, which will be required by the payment processing system. In the context of e-commerce, active content makes it possible, for example, to place items in a shopping cart, calculate the total amount of the invoice and deduct the tax, and add shipping cost and any other fees automatically when a user shops online.

Active content can be Java applets, JavaScript, VBScript and ActiveX controls, which are used on the web site to implement automation or the execution of some actions. An ActiveX control is associated with an object on the web page in which programs and properties have been embedded. Active content, Java applets and ActiveX controls can implement malicious instructions which can break the security of client computers.

A virus is a program that attaches itself to another program in the computer to cause damage in the host computer every time this application program is executed. Schneider, The countermeasure against viruses and worms is antivirus software installed on all computers and servers in the network.

As with written correspondence, where signed letters or documents identify the sender by their signature, electronic communication uses a digital signature in place of the personal signature. A digital signature uses encryption technology to ensure that only authenticated users can access the resource. Digital certificate or digital ID is defined by G. Digital signatures and digital certificates are used to ensure the confidentiality of the transaction on the web site; they can help to ensure secure online transactions for e-commerce.

Data packets travelling over the internet do not all use the same path to reach the server. Information sent over the net can be intercepted, altered or deleted before it reaches the receiver. E-commerce will face integrity, confidentiality and availability threats inherent to the nature of the Internet as a communication channel. The main concern of confidentiality is to make sure that information is protected against unauthorized disclosure, while privacy is concerned with the legal instruments and policy that ensure the protection of private information.

The theft of sensitive information or personal data such as credit card numbers, names, and addresses is one of the most important threats for e-commerce. Therefore, e-commerce infrastructure must address this threat with the highest priority. One of the technology solutions used to ensure data confidentiality is encryption. In this study, the definition given by G. Information is encrypted as it travels around the internet to ensure that it cannot be disclosed easily.

An integrity threat appears when information or data can be the object of unauthorized modification, alteration, creation or deletion.

Cyber vandalism is one example of an integrity violation because it destroys or modifies information on existing web sites. Integrity protection can be achieved by intrusion detection systems, which monitor suspicious activity on the network or computer to prevent unauthorized access to information stored on the system or transmitted on the network. The availability threat consists of all events which delay or deny access to data. The best known is the Denial-of-Service (DoS) attack, which disrupts the normal operation of a computer or server and can lead to abnormal slowness of the server, network or electronic systems such as Automated Teller Machines (ATMs).

E-payment systems must be protected by an IDS or firewall able to stop these kinds of attacks.

To conclude on the communication channels, the previous sections describe clearly that e-commerce relies on the confidentiality, integrity and availability (CIA) of information and the business web site Turban et al. Authorization is the process of ensuring that the authenticated entity has been granted rights to access a resource, and determining which operations it will perform on it. Non-repudiation ensures that an authenticated entity cannot falsely deny an action it conducted online.