BIT791: Security Assessment of E-Business Transactions Report


Added on  2023/06/10

AI Summary
This report provides a comprehensive security assessment of e-business transactions, focusing on the risks and challenges associated with online commerce. It begins with an introduction to e-business and its security requirements, highlighting the importance of integrity, privacy, authentication, and non-repudiation. The discussion section delves into the objectives of e-business security, common threats like Denial of Service (DoS) attacks, and security concerns such as data integrity, non-repudiation, authentication, confidentiality, and privacy. It explores various security measures including cryptography (symmetric and asymmetric), digital certificates, digital signatures, firewalls, and secure socket layers (SSL). The report emphasizes the need for robust security measures to protect against unauthorized access, data breaches, and financial losses. The report also covers the technical aspects of security, including the roles of digital certificates, digital signatures, and firewalls. The conclusion summarizes the key findings and reinforces the need for continuous security improvements. Recommendations are provided to enhance e-business security practices. The report provides a comprehensive overview of the security landscape within the context of e-business, offering practical insights and strategies for safeguarding online transactions.
Running head: SECURITY ASSESSMENT OF E-BUSINESS TRANSACTIONS
Security Assessment of E-Business Transactions
Name of the Student
Name of the University
Author’s note
Table of Contents
1. Introduction
2. Discussion
2.1 The Objectives of E-business Security
2.2 Security Concerns related to E-Business Transactions
2.3 Security Threats of E-Business
3. Conclusion
4. Recommendations
5. References
1. Introduction
E-business transactions, popularly known as e-commerce, are defined as the purchasing and selling of services or products over some form of electronic system such as the Internet (Laudon, 2013). It is generally considered the commercial and sales function within the strategy of e-commerce. With the widespread adoption of the Internet, sales for businesses have increased sharply. A wide variety of e-commerce transactions is conducted mainly on the Internet. This includes supply chain management, electronic funds transfer, Internet-based marketing, electronic data interchange (EDI), online transaction processing and automated data collection systems (Nicolaou, Ibrahim & Van Heck, 2013).

The rapid uptake of the e-commerce business model has brought with it several associated security threats. Every e-commerce system should meet four essential requirements for the security of transactions: integrity, privacy of information, authentication of online transactions and non-repudiation. These basic requirements are essential for securing online business transactions. E-commerce service providers should also protect themselves from other kinds of threats to the security of their devices, such as Denial of Service (DoS) attacks (Niranjanamurthy & Chahar, 2013).

The perceived lack of security in the transaction and communication processes of the online business model can be viewed as a major obstacle to the uptake of the e-commerce model. Rapid advances in e-commerce technology have forced businesses to upgrade the way they apply security patches to their websites.
2. Discussion
2.1 The Objectives of E-business Security
There are innumerable ways in which an e-business setup could be attacked by different groups of hackers. The most common threats are viruses, Trojan horses, hacking, masquerading, eavesdropping and many others. From the perspective of business strategy, Denial of Service (DoS) attacks appear to be a serious threat to any model of e-business (Peltier, 2016). DoS attacks primarily consist of malicious acts that prevent access to different kinds of resources. Although data is not lost from the e-commerce transactions, the financial losses incurred would be of a much higher value. Addressing these kinds of issues requires a well-planned strategy.
2.2 Security Concerns related to E-Business Transactions
Alongside the limitations and advantages of the e-commerce business model, there are security issues within the model. Security in e-commerce is mainly concerned with preventing potential loss, protecting financial areas and guarding against unauthorized access to information. Because the underlying technologies are developing quickly, the risks involved in transactions are also increasing (Niranjanamurthy et al., 2013). Proper measures are therefore needed to avoid individual as well as organizational losses. To secure digital transactions, two important methods of cryptography need to be followed. These include:
Symmetric (Private-Key) Cryptography – In this system of cryptography, the receiver and the sender possess the same key. This key encrypts a particular message, and the same key is used to decrypt the encrypted message from the sender (Mandal, Bhattacharyya & Bandyopadhyay, 2013).

Asymmetric (Public-Key) Cryptography – In this method of cryptography, the original message is encoded and then decoded with the help of mathematically related keys. One of the keys is a public key while the other is a private key (Tripathi & Agrawal, 2014).
To provide the maximum security with the help of cryptography, the following areas should be considered carefully:

2.2.1 Integrity – It is vital that the encrypted message is not tampered with or altered. There are many ways in which the integrity of data can be damaged in e-commerce (Sharma & Lijuan, 2014). Errors may occur when data is entered manually, and also when vital data is transmitted from one computing device to another. Data could be modified or stolen because of viruses or bugs in the software that is used. Data could also be lost through unexpected damage to hardware systems, such as disk crashes or server errors. There is also a high possibility of data loss due to natural disasters such as fire accidents (Akter & Wamba, 2016).
2.2.2 Non-Repudiation – Non-repudiation can be defined as preventing one party from reneging on an agreement after the fact. It applies to e-commerce transactions and to various other forms of electronic transactions, including those at ATM cash machines. Every party engaged in a transaction should be confident about the security of the transaction. They should also ensure the authenticity of the transaction and check that the final transaction is verified. Transaction systems should ensure that a party cannot reject a transaction (Cherdantseva & Hilton, 2013).
2.2.3 Authentication – In e-commerce, authentication is needed when the seller validates the information provided by the purchaser, such as credit card information. This process should fully verify the identity of the cardholder and the details of the payment card used for the transaction. In these transactions the seller should be extremely careful and holds the responsibility to provide the best authentication services for the payment methods (Hartono et al., 2014).
2.2.4 Confidentiality – Confidentiality is the protection of personal data from access by unauthorized users. All information shared between the merchant and the customers should be accessible only to those two parties, and it should be checked that no third party is able to access the shared information. The primary goals of security within e-business are confidentiality and privacy. These two aspects concern the accessibility of information to unauthorized parties (Sila, 2013).

Web-based technology simplifies the collection of user information. With the growth of web technology, greater convenience should be created while preventing the loss of vital data. Users often leave trails of information that can be used to determine their internet history, their online purchases and the people with whom they might have corresponded. Data found in an individual's browser history can be collected easily and then sold to different advertising companies (Gevaers, Van de Voorde & Vanelslander, 2014).
2.2.5 Privacy – Privacy is one of the major concerns in e-commerce. In online transactions, the owner of the website or the service provider should have the ability to track records of each purchase made by the consumer. Conducting business transactions over the Internet has raised the need to address privacy concerns within the network (Bennett & Raab, 2017). Each e-commerce website has its own privacy policy according to the needs of the organization. Consumers are therefore advised to check the privacy policies before they proceed with transactions. Violating the norms of privacy might lead to severe consequences for the consumer, as the seller would then have the right to take action against consumers for violating the norms of the website (Acquisti, Brandimarte & Loewenstein, 2015).

Some further areas also need to be considered within this issue: certificates, digital signatures, firewalls and secure socket layers.
A digital certificate is an electronic form of ‘credit card’ that establishes the credentials of the consumer while performing business transactions on the internet. The certificate is issued by a certification authority (CA). It contains the name of the user, a serial number, the date of expiry, a copy of the public key of the certificate holder and the digital signature of the authority that issued the certificate. This benefits the recipient, who can verify whether the certificate is authentic. Digital certificates can be kept in registries so that authenticating users can look up the public keys of other users (Zhang, Hu & Raja, 2014).
A digital signature is an electronic form of signature that can be used to establish the authenticity of the identity of the sender of a message or of the person who signs a document. It is also needed to ensure that the original content of the document or message is unchanged during the transaction. A digital signature can be used with any message, whether or not it is encrypted. It assures the receiver that the sender is authentic and that the message is intact (Kou, 2013).
Many protected networks rely on proxy servers and firewalls. The main purpose of a firewall is to secure and protect a server, a particular network or an individual PC from attacks posed by hackers and viruses. Protection against malicious software and against carelessness within the computing system is equally important. Many companies use the Kerberos protocol, which uses symmetric secret-key cryptography, to restrict access by unauthorized employees. A proxy server acts as a go-between for requests sent from clients that seek resources from other servers. A client connects to the proxy server and requests a service, which might include files, web pages, connections or any other resources available from other servers (Masood et al., 2013).
The Secure Sockets Layer (SSL) protects information sent over the internet, which commonly makes use of a set of rules such as TCP/IP (Transmission Control Protocol/Internet Protocol). The information from the sender is broken into packets, and these packets are numbered sequentially with error control attached. SSL makes use of PKI and digital certificates to ensure authentication and privacy. The procedure begins when a client sends a message to the server, which replies with a digital certificate. With the help of PKI, the server and the client agree on session keys, which are symmetric secret keys created especially for that particular transaction. Once the session keys are confirmed, the communication continues with the help of the digital certificates and the session keys (Sherif, 2016).
2.3 Security Threats of E-Business
Even when various security measures are taken, some threats to e-business transactions remain. These include:
1. Client Computer Threats – At times the client-side computer might pose severe threats, such as viruses and Trojan horses. These threats affect the client computer without the prior knowledge of the client. They might steal the user's data, damage the user's computer and cause it to crash.
2. Intellectual Property Threats – Most browsers make use of the personal information from a website without the prior permission of the owner of the website. These threats might include the pirating of software, the download of music and many others. Website owners should use a secure authentication system to address the problem (Grant et al., 2014).
3. Communication Channel Threats – The internet allows everyone to send and receive information through various networks. The data might be stolen and then modified by groups of hackers. These hackers are able to develop new software to steal the identification and passwords of users. Spoofing is another major threat that occurs during the electronic transmission of data. Denial of Service (DoS) is another threat on the communication channel, in which hackers send unlimited requests to the targeted server. The server might not be able to handle this large number of requests.
4. Server Threats – DoS is also a major threat to the server. The hackers create a program that sends countless requests from the client side, which the server might not be able to handle. Spamming is another important threat to servers.
3. Conclusion
From the above discussion, it can be concluded that e-business is a business model meant for both small and larger businesses. It allows an individual or business firm to conduct business processes through electronic media such as the internet. Time plays a major role for both consumers and businesses. Security within e-business processes is meant to prevent loss and to secure those areas in times of financial crisis or against unauthorized access to information. The rapid development of the e-commerce business model has introduced various risks within the technology and the security measures, which are meant to avoid individual and organizational losses. Issues such as digital signatures, digital certificates, firewalls and secure socket layers should also be taken into consideration. There are five major parts to a security plan: the assessment of risks, development of a security policy, a plan of implementation, creation of a security organization and performing a security audit. Securing wireless transactions with strong encryption methods would affect the security of e-business transactions. Mobile devices are also a major security concern, as they are very easily misplaced. Hence, these measures would help ease security within e-business transactions.
4. Recommendations
Based on the conclusions drawn from the above discussion, several recommendations can be made for securing e-business transactions. To manage the potential risks, the first step is to identify the risk factors, which include threats to intellectual property, threats to the communication channel, and threats to the server and the client-side computer. Based on the assessment of threats, a counter-action plan must be properly designed and then implemented (Da Veiga & Martins, 2015). Integrity within transactions can be improved with user interfaces that prevent the input of invalid data. Error detection and correction software can also be used during the transmission of data. A well-planned transaction process can reduce customer disputes over fraudulent transactions. Confidentiality within software can be increased by following good methods of encryption and decryption and proper procedures for authorization and authentication. Good antivirus software should also be used to prevent attacks from viruses and Trojan horses on computing devices. The privacy policies of each organization should be revised at proper intervals. Organizations should also make use of useful tools, such as filtering website content that has low privacy ratings. A proper security plan should be made (Toufaily, Souiden & Ladhari, 2013). The security policy should identify the mechanisms that help achieve the security goals. The security organization should provide training sessions for computer users so that they can deal with security issues independently, ensuring a healthy and secure e-business environment.
5. References
Acquisti, A., Brandimarte, L., & Loewenstein, G. (2015). Privacy and human behavior in the age of information. Science, 347(6221), 509-514.
Akter, S., & Wamba, S. F. (2016). Big data analytics in E-commerce: a systematic review and agenda for future research. Electronic Markets, 26(2), 173-194.
Bennett, C. J., & Raab, C. D. (2017). The governance of privacy: Policy instruments in global perspective. Routledge.
Cherdantseva, Y., & Hilton, J. (2013, September). A reference model of information assurance & security. In 2013 International Conference on Availability, Reliability and Security (pp. 546-555). IEEE.
Da Veiga, A., & Martins, N. (2015). Improving the information security culture through monitoring and implementation actions illustrated through a case study. Computers & Security, 49, 162-176.
Gevaers, R., Van de Voorde, E., & Vanelslander, T. (2014). Cost modelling and simulation of last-mile characteristics in an innovative B2C supply chain environment with implications on urban areas and cities. Procedia-Social and Behavioral Sciences, 125, 398-411.
Grant, K., Edgar, D., Sukumar, A., & Meyer, M. (2014). ‘Risky business’: Perceptions of e-business risk by UK small and medium sized enterprises (SMEs). International Journal of Information Management, 34(2), 99-122.
Hartono, E., Holsapple, C. W., Kim, K. Y., Na, K. S., & Simpson, J. T. (2014). Measuring perceived security in B2C electronic commerce website usage: A respecification and validation. Decision Support Systems, 62, 11-21.