E-commerce (report)
- 3. • E-commerce security is the protection of e-commerce assets from
unauthorized access, use, alteration, or destruction.
• 6 dimensions of e-commerce security
1. Integrity
2. Nonrepudiation
3. Authenticity
4. Confidentiality
5. Privacy
6. Availability
- 5. • Threats
• Threats to information security
• Acts of Human Error or failure
• Espionage/Trespass
• Network Security Goals
- 6. • A threat is an object, person, or other entity that represents
a constant danger to an asset.
• Anyone with the capability, technology, opportunity, and
intent to do harm.
- 9. • Include acts done with no malicious intent.
• Employee Mistakes
• Many of these threats can be prevented with controls.
- 10. • Broad category of activities that breach confidentiality
• Controls implemented to mark the boundaries of an organization’s virtual territory
giving notice to trespassers that they are encroaching on the organization’s
cyberspace
• Hackers use skill, guile, or fraud to steal the property of someone else
- 12. • Commerce over open networks (such as the Internet) can be secure if the following
are in place:
1. Server Security
2. Message Privacy (or confidentiality)
3. Message integrity
4. Authentication
5. Authorization
6. Audit mechanism and non-repudiation
7. Payment and settlement
- 13. • Server Security:
• Use firewalls and proxy servers
• Every packet going from the firm's computer to the
Internet, or vice versa, will be checked
• “Security” against “attacks” such as viruses,
unauthorized access by hackers, and Trojan horses can
be provided.
- 14. • Message Privacy
• A key requirement for E-commerce
• It assures that communications between trading parties are not
revealed to others, so an unauthorized party cannot read or
understand the message
• Message integrity
• Another key requirement for e-commerce
• It assures that communications between trading parties are not
altered by an enemy.
- 15. • Authentication
• Assures that the “sender” of the message is actually the person
he/she claims to be.
• Paper message
• The term “authentication” means determining that the user of the computer is
actually who he/she claims to be.
• The term “authentication of the receiver”: allows the sender to be
sure that the party he/she intends to get the message is the one
who receives it.
- 16. • Authorization
• Ensures that the trading party has the authority to make the transaction
• It prevents the risk that employees' transactions create economic
damage
• Authentication vs Authorization
• Once the system knows who the user is through authentication,
Authorization is how the system decides what the user can do
- 17.
• Audit mechanism and non-repudiation
• Enables exchanging parties to maintain and revisit the history/sequence of
events during a period of transaction
• In e-commerce, these could be computer time stamps, or records from different
computers at different stages of a transaction
• Payment and settlements
• Vital to widespread e-commerce
• Secure e-payment ensures that the “commitment” to pay for goods/services over
media is met
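
One way to make the transaction history described under "Audit mechanism and non-repudiation" tamper-evident, as an added example that is not from the original slides: each record carries a time stamp and a transaction stage and is chained to the previous record with an HMAC, so editing, deleting or reordering a stored record is detected. The key, field names and sample order are constructed for illustration; a shared-key MAC covers integrity of the log only, and non-repudiation between trading parties would need digital signatures.

```python
import hashlib
import hmac
import json

# Constructed demo key (assumption); a real system would load it from a key store.
AUDIT_KEY = b"constructed-demo-key"
GENESIS = "0" * 64  # stands in for "previous MAC" of the first record


def _mac(prev_mac, body):
    """HMAC-SHA256 over the previous record's MAC plus this record's body."""
    payload = prev_mac + json.dumps(body, sort_keys=True)
    return hmac.new(AUDIT_KEY, payload.encode(), hashlib.sha256).hexdigest()


def append_event(log, timestamp, stage, detail):
    """Append one transaction stage, chained to the record before it."""
    prev_mac = log[-1]["mac"] if log else GENESIS
    body = {"ts": timestamp, "stage": stage, "detail": detail}
    log.append({**body, "mac": _mac(prev_mac, body)})


def first_bad_record(log):
    """Return the index of the first record that fails verification, or None."""
    prev_mac = GENESIS
    for i, rec in enumerate(log):
        body = {k: rec[k] for k in ("ts", "stage", "detail")}
        if not hmac.compare_digest(rec["mac"], _mac(prev_mac, body)):
            return i
        prev_mac = rec["mac"]
    return None


def build_sample_log():
    """Constructed sample: three stages of one order."""
    log = []
    append_event(log, "2024-01-05T10:00:00Z", "order_placed", {"order": 1001, "total": "49.90"})
    append_event(log, "2024-01-05T10:00:07Z", "payment_authorized", {"order": 1001, "total": "49.90"})
    append_event(log, "2024-01-05T10:02:31Z", "shipped", {"order": 1001})
    return log


if __name__ == "__main__":
    log = build_sample_log()
    print("intact log, first bad record:", first_bad_record(log))
    log[1]["detail"]["total"] = "4.99"  # alter a stored record after the fact
    print("edited log, first bad record:", first_bad_record(log))
```
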
- 19. • Electronic Transaction
• Some federal, state and territory governments encourage the adoption of
electronic commerce by enacting enabling legislation.
• Privacy & Security
While shopping on the Internet, most people typically do not think about what is
happening in the background. Web shopping is generally very easy. We click on a
related site, go into that site, buy the required merchandise by adding it to our cart,
enter our credit card details and then expect delivery within a couple of days. This entire
process looks very simple, but a developer or businessman knows exactly how many
hurdles need to be jumped to complete the order.
- 20. • Copyright & Trademark
Many attempts have been made to address the issues related to
copyrights on digital content. E-commerce has a tremendous
impact on copyright and related issues, and the scope of copyrights
is affecting how e-commerce evolves. It is essential that legal rules
are set and applied appropriately to ensure that digital technology
does not undermine the basic doctrine of copyright and related
rights. From one perspective, the Internet has been described as "the
world's biggest copy machine"
- 21. • Online Terms, Conditions, Policies and Laws
• At the moment, most online privacy policies are produced by
private businesses for individual companies. Governments are
developing legislation to support and strengthen the privacy
protection measures of many businesses. These initiatives are
aimed at regulating the storage, use and disclosure by businesses
of personal information.
• Legislation Dilemma
• Electronic transactions separate e-business from
traditional types of businesses.
- 23. • E-commerce presents a world of opportunity for doing business, reaching
global markets and purchasing without leaving the home or office. E-commerce
can provide opportunities to improve business processes, just as
phones, faxes and mobile communications have in the past. However, just
as any new business tool has associated issues and risks, so does
e-commerce. It's important to understand the legal issues and potential risks to
ensure a safe, secure environment for trading with customers and other
businesses.
In traditional and online trading environments, consumers are entitled to
have their privacy respected. Websites should provide the customers with
choices regarding the use of their personal information, and incorporate
security procedures to limit access to customer information by unauthorized
parties. Privacy policies and procedures should be clearly explained to
customers. Although respecting consumer privacy rights is a legal
requirement, it also represents good business practice. If customers trust a
site and business then they are more likely to trade with it.
- 24. • International Issues
The most significant legal issues that arise with regard to
conducting business over the internet are those involving jurisdiction. A
simple example: if Company A in Japan offers services over the
internet to John Doe in America and a related dispute arises, which
country's laws control and which country's courts have power over
both parties? Jurisdictional questions also arise regarding the power to
tax, whether it be taxing the buying customers, requiring selling
companies to aid in tax collection, or taxing companies' and
individuals' income. There are several types of jurisdictional issues, and
jurisdictional issues are not the only ones that require rethinking as a
result of the Internet revolution. A myriad of legal concerns related to
Internet use have spawned numerous bills in the U.S. Congress as well
as in legislative bodies around the globe.
- 25. Aleira Aila “AYA” Balagot
Maria Betina Arcega
Mcllen Werniel “Macky” Asño
Delmer Gerald “Jhed” Calderon
Kenneth “Kenyong” Baladad
Mark Joevit “BRANDO” Alvarez