Investigation into E-commerce Application Security Threats
VerifiedAdded on  2023/04/23
|8
|2671
|434
Report
AI Summary
This report investigates security vulnerabilities in e-commerce applications, highlighting the importance of software security in protecting online platforms from cyber threats. The study examines ransomware attacks and other security breaches, emphasizing the need for proactive security measures. It explores the use of threat modeling techniques and analytical tools, including SDLC, to identify and mitigate risks. The research aims to develop a structured approach for identifying, measuring, and addressing security hazards associated with e-commerce applications. The report also reviews various threat modeling approaches such as fault tree analysis, attack trees, STRIDE, and DREAD, while also acknowledging the limitations of the study, such as its focus on specific e-commerce platforms like eBay, Amazon, and Konga. The report stresses the significance of incorporating security throughout the software development lifecycle to build secure and dependable e-commerce applications. The research stresses the importance of proactive security measures, and it provides insights into how businesses can improve their security posture and safeguard their data and customers from online threats.
Summary
The entire study above has been focused to find out the security vulnerability that is found in
online services that can cause the most security issues in the e-commerce platforms. The
study shows how the security vulnerabilities in the cyber world can be a threat to the e-
commerce website, which in turn causes problems to the proprietors of the e-commerce
websites, the authority and the customers of the website as an extension. The study was
initiated because there have been some reports about security threats and attacks that have
been found in the previous times and it has also alarmed the authorities of the e-commerce
and digitized business to follow up the vulnerabilities in their websites and run a full analysis
of the business to find out any risk factor and eradicate them completely with the most
effective solutions implemented. Not just the security vulnerabilities, but there have also been
ransomware attacks that have harmed the cyber activities of the customers of these digitized
organizations. In addition to that, it has also been found that these ransomware attacks and
the way by which they occur are spreading rapidly, causing the potential customers of the
business to opt out of considering them as a feasible way of shopping. The attacks have not
only spread from one customer to another but have also attacked one business after another.
This is why this particular study was developed to find out the particular feedback taken from
the companies and running a security analysis on a chosen platform and find a feasible way
of providing a solution to the problems through collection of data through primary and
secondary sources and developing effective theories from them.
For this study especially, the software security tools are also analysed proactively to make
sure how they can be utilized to find a solution to the security threats. The study has
effectively utilized various forms of security tools in this regards, right from the primitive
forms of the utilized security tools for the approach to the recent developed tools. With the
The entire study above has been focused to find out the security vulnerability that is found in
online services that can cause the most security issues in the e-commerce platforms. The
study shows how the security vulnerabilities in the cyber world can be a threat to the e-
commerce website, which in turn causes problems to the proprietors of the e-commerce
websites, the authority and the customers of the website as an extension. The study was
initiated because there have been some reports about security threats and attacks that have
been found in the previous times and it has also alarmed the authorities of the e-commerce
and digitized business to follow up the vulnerabilities in their websites and run a full analysis
of the business to find out any risk factor and eradicate them completely with the most
effective solutions implemented. Not just the security vulnerabilities, but there have also been
ransomware attacks that have harmed the cyber activities of the customers of these digitized
organizations. In addition to that, it has also been found that these ransomware attacks and
the way by which they occur are spreading rapidly, causing the potential customers of the
business to opt out of considering them as a feasible way of shopping. The attacks have not
only spread from one customer to another but have also attacked one business after another.
This is why this particular study was developed to find out the particular feedback taken from
the companies and running a security analysis on a chosen platform and find a feasible way
of providing a solution to the problems through collection of data through primary and
secondary sources and developing effective theories from them.
For this study especially, the software security tools are also analysed proactively to make
sure how they can be utilized to find a solution to the security threats. The study has
effectively utilized various forms of security tools in this regards, right from the primitive
forms of the utilized security tools for the approach to the recent developed tools. With the
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
analysis of the security tools and the security threats analysed at the similar way makes it
easier to understand the ways by which all the security threats have been addressed at the e-
commerce websites. Having said that, the research is developed to find out an appropriate
methodology that would be able to find out and formulate a theoretical approach to further
develop a methodology in applying the threat modelling techniques. This threat modelling
technique would formulate the utilization of the analytical tools and the utility of the
developed methodology put together and in this way the solution would be formalised to find
out a proper methodology for the website to make sure that the security vulnerabilities are
met properly. The entire research has been build up on finding out a proper way in
developing and maintaining the website in such a way that all these security vulnerabilities
are eradicated from the system.
However, it has been found during the research that most of these threat modelling
techniques and analytical tools are among the practices utilized in the computer industry to
reduce the volume and severity of exploitable vulnerabilities to e-commerce software
applications. But most of these threat models are usually implement after the designed and
development of an e-commerce application which is not the best practice. Therefore, the most
probable version of utilizing this research was based upon the methodology of SDLC or
software development lifecycle technique. The research has found out that only through the
process of SDLC or software development lifecycle methods, a developer is able to find out
the proper way of application for the embedding of a dependable and secure development of
the website and imply it to the organization. While the SDLC method is followed, the
developer must include the embedded security within the design to formulate an impermeable
website development that allows security analyst and developers to think proactively about
the countermeasures to discover available threat and avert future attack.
easier to understand the ways by which all the security threats have been addressed at the e-
commerce websites. Having said that, the research is developed to find out an appropriate
methodology that would be able to find out and formulate a theoretical approach to further
develop a methodology in applying the threat modelling techniques. This threat modelling
technique would formulate the utilization of the analytical tools and the utility of the
developed methodology put together and in this way the solution would be formalised to find
out a proper methodology for the website to make sure that the security vulnerabilities are
met properly. The entire research has been build up on finding out a proper way in
developing and maintaining the website in such a way that all these security vulnerabilities
are eradicated from the system.
However, it has been found during the research that most of these threat modelling
techniques and analytical tools are among the practices utilized in the computer industry to
reduce the volume and severity of exploitable vulnerabilities to e-commerce software
applications. But most of these threat models are usually implement after the designed and
development of an e-commerce application which is not the best practice. Therefore, the most
probable version of utilizing this research was based upon the methodology of SDLC or
software development lifecycle technique. The research has found out that only through the
process of SDLC or software development lifecycle methods, a developer is able to find out
the proper way of application for the embedding of a dependable and secure development of
the website and imply it to the organization. While the SDLC method is followed, the
developer must include the embedded security within the design to formulate an impermeable
website development that allows security analyst and developers to think proactively about
the countermeasures to discover available threat and avert future attack.
While the research process was formulated, it was necessary to generate a research problem
statement, which is usually a problem found in throughout the research work, or mostly the
problem that the research is trying to solve through the entire study. This involves in
formulating a way by which the problem statement is approached. In this particular case, the
problem statement has been identified as the traditional way in which the website for e-
commerce platforms are designed and developed. This is because, it has been found that
through these traditional processes, there have been multiple barging into the websites as
there were security vulnerabilities found in the development process. The outcome of the
entire design and development was found to be faulty when it came to the security system of
the ecommerce applications. There were repeated reports of ransomware attacks and other
ways of manipulating or theft of information for which the development process was to be
blamed. This is why, the entire research has been formulated to find out a feasible way in
which the vulnerabilities can be identified and for further development and design of the
websites they can be avoided. Since, having vulnerabilities in the e-commerce websites are
not only causing problems to the customers of the organization, but it is also becoming
obligatory in framing up a good reputation for the organization with the customers.
The next phase of the research was framed to find out the research aims and the research
objectives that needed to be identified before the research process was commenced
altogether. Therefore, the research was found to have a particular aim of investigating the
tools which have been utilized by the various software development system ever since it has
been implemented in software development. This would be required for the investigation of
the threat modelling for the successful design and development of the e-commerce
applications when they are available live to the customers online. The aim of the research
also pointed at the ways in which they have been done. This is due to the fact that the reader
statement, which is usually a problem found in throughout the research work, or mostly the
problem that the research is trying to solve through the entire study. This involves in
formulating a way by which the problem statement is approached. In this particular case, the
problem statement has been identified as the traditional way in which the website for e-
commerce platforms are designed and developed. This is because, it has been found that
through these traditional processes, there have been multiple barging into the websites as
there were security vulnerabilities found in the development process. The outcome of the
entire design and development was found to be faulty when it came to the security system of
the ecommerce applications. There were repeated reports of ransomware attacks and other
ways of manipulating or theft of information for which the development process was to be
blamed. This is why, the entire research has been formulated to find out a feasible way in
which the vulnerabilities can be identified and for further development and design of the
websites they can be avoided. Since, having vulnerabilities in the e-commerce websites are
not only causing problems to the customers of the organization, but it is also becoming
obligatory in framing up a good reputation for the organization with the customers.
The next phase of the research was framed to find out the research aims and the research
objectives that needed to be identified before the research process was commenced
altogether. Therefore, the research was found to have a particular aim of investigating the
tools which have been utilized by the various software development system ever since it has
been implemented in software development. This would be required for the investigation of
the threat modelling for the successful design and development of the e-commerce
applications when they are available live to the customers online. The aim of the research
also pointed at the ways in which they have been done. This is due to the fact that the reader
must have a clear idea by which the research was initially planned to find out the relevant
research methodology followed for collecting the data for the research.
This has further raised the research objectives that was formulated so far from the research
aims. The main objectives of the research were found to be focusing on the specified
requirements to which E-commerce application should meet security standard. This included,
appraisal of the underlying principles in online shopping using credit card and PayPal,
Overview of E-commerce security, reviewing of the different security issues in E-commerce
organization, reviewing of the available security tools and security modelling approaches in
E-commerce, developing a standard security model for software development methodologies
in E-commerce organization, and comparing the degree of successful developed security
modelling approach for E-commerce applications.
However, beyond all of the formulated methodologies, research aims and objectives, it was
also necessary to find out if there was any scope throughout the research. If there was no
scope through the research and development of the entire software for the e-commerce
websites there would be no point in developing the research further. The scope of the
research highlights that the challenges that website development has been facing throughout
the course of security issues since the time of its inception is the reason why the research was
commenced at the first place. This research was first identified to provide solutions to the
recent issues about the study the researcher aims at using past research work, current research
materials, and interactive social media platforms in getting the most recent and up to date
security models being used to curb or reduce security threats online.
After that, the background of the entire study was formulated, which specifically implies why
the security issues of the software and website development needs to be eradicated at the first
place. This chapter specifically focuses on how the malicious hackers have been making it
research methodology followed for collecting the data for the research.
This has further raised the research objectives that was formulated so far from the research
aims. The main objectives of the research were found to be focusing on the specified
requirements to which E-commerce application should meet security standard. This included,
appraisal of the underlying principles in online shopping using credit card and PayPal,
Overview of E-commerce security, reviewing of the different security issues in E-commerce
organization, reviewing of the available security tools and security modelling approaches in
E-commerce, developing a standard security model for software development methodologies
in E-commerce organization, and comparing the degree of successful developed security
modelling approach for E-commerce applications.
However, beyond all of the formulated methodologies, research aims and objectives, it was
also necessary to find out if there was any scope throughout the research. If there was no
scope through the research and development of the entire software for the e-commerce
websites there would be no point in developing the research further. The scope of the
research highlights that the challenges that website development has been facing throughout
the course of security issues since the time of its inception is the reason why the research was
commenced at the first place. This research was first identified to provide solutions to the
recent issues about the study the researcher aims at using past research work, current research
materials, and interactive social media platforms in getting the most recent and up to date
security models being used to curb or reduce security threats online.
After that, the background of the entire study was formulated, which specifically implies why
the security issues of the software and website development needs to be eradicated at the first
place. This chapter specifically focuses on how the malicious hackers have been making it
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
difficult for the organizations to put up with the challenges they implement for both the
organization and the customers as a whole. The reasons why this particular issue is forming a
huge obligation to research about and find a solution for eradicating these have been
described in this chapter. Furthermore, this chapter describes that the software hackers are
using advance technologies and techniques in the consistent manner to access important data
and carry out other significant activities to E-commerce network application. In addition to
that, this section also describes the electronic technologies sectors, Privacy and security are
major factor. The E-commerce sector also shares these views in line with other technological
fields. While some firms are faced with difficulties in making their website security
sophisticated in order to provide customers with effective secure payment online, other firms
like Palpay, WePay and ProPay have provided their customers with the security of assessing
any website with an assurance that their information is safe. This section also clarifies that the
large organizations have been investing in huge amounts of money in the ecommerce
websites since the latest advancement in the technology has made it even more lucrative to
invest in digitized organizations that promote ecommerce technologies. However, after it was
found that these security vulnerabilities are present in the entire development and design
phase, these organizations have started investing more in finding out a solution that would
address and resolve the issues of ecommerce security challenges utilizing various tools and
technologies. The research helps in formulating a a structured approach that enables one
identify, measure and address the security hazard associated with applications and software.
However, the research has its own limitations while conducting, out of which, one was that
the entire research was based only on the ecommerce application payment systems that
culminated through E-bay, Amazon and Konga. The research also finds out the various types
of threat modelling approaches available today. These threat modelling approached include
fault tree Analysis, Attack trees, Stride and Dread. These approaches and techniques to
organization and the customers as a whole. The reasons why this particular issue is forming a
huge obligation to research about and find a solution for eradicating these have been
described in this chapter. Furthermore, this chapter describes that the software hackers are
using advance technologies and techniques in the consistent manner to access important data
and carry out other significant activities to E-commerce network application. In addition to
that, this section also describes the electronic technologies sectors, Privacy and security are
major factor. The E-commerce sector also shares these views in line with other technological
fields. While some firms are faced with difficulties in making their website security
sophisticated in order to provide customers with effective secure payment online, other firms
like Palpay, WePay and ProPay have provided their customers with the security of assessing
any website with an assurance that their information is safe. This section also clarifies that the
large organizations have been investing in huge amounts of money in the ecommerce
websites since the latest advancement in the technology has made it even more lucrative to
invest in digitized organizations that promote ecommerce technologies. However, after it was
found that these security vulnerabilities are present in the entire development and design
phase, these organizations have started investing more in finding out a solution that would
address and resolve the issues of ecommerce security challenges utilizing various tools and
technologies. The research helps in formulating a a structured approach that enables one
identify, measure and address the security hazard associated with applications and software.
However, the research has its own limitations while conducting, out of which, one was that
the entire research was based only on the ecommerce application payment systems that
culminated through E-bay, Amazon and Konga. The research also finds out the various types
of threat modelling approaches available today. These threat modelling approached include
fault tree Analysis, Attack trees, Stride and Dread. These approaches and techniques to
application security have proven to be ineffective, this is evidence in their vulnerabilities,
permitting applications to be attacked or damaged. A challenging task is determining with
approach will give the best result when applied to specific software application or e-
commerce applications. Therefore, determine how to effectively solve this security challenge
using the most effective tool is crux of this project. The research scope also identifies the
need of security in the ecommerce websites that forms an integral approach of the entire
research. The need of the security threat was found in further details in the literature review
chapter of the entire study, which finds out how the entire conceptual framework was
formulated to find out why the research was needed from the aspect of the business
organizations. It is an issue that needs to be addressed while conducting the entire research
because at the end of the day this would be beneficial mostly to the business organizations so
that they could invest in appropriately and logically. It can also be said that this particular
research would make it easier for the decision making body to make effective decisions based
on the research about investing in properly while developing a website as an ecommerce
platform. The threat modelling technique framework that had been developed as a result
mostly based upon the step by step developmental phase of the website and further discussed
on how the framework should be used to make sure that the website is impermeable to the
external hackers.
However, it is also not to be forgotten that the entire research as a whole should not violate
any kind of ethical framework that is developed during the conduction of a research. Thus,
the research follows how the research had been collecting data from primary and secondary
sources in the most appropriate and ethical way possible and make sure that the observing of
the E-bay, Amazon and Konga e-commerce mobile application users are concern with the
security on this platform. Although the findings of the study were described in details in the
permitting applications to be attacked or damaged. A challenging task is determining with
approach will give the best result when applied to specific software application or e-
commerce applications. Therefore, determine how to effectively solve this security challenge
using the most effective tool is crux of this project. The research scope also identifies the
need of security in the ecommerce websites that forms an integral approach of the entire
research. The need of the security threat was found in further details in the literature review
chapter of the entire study, which finds out how the entire conceptual framework was
formulated to find out why the research was needed from the aspect of the business
organizations. It is an issue that needs to be addressed while conducting the entire research
because at the end of the day this would be beneficial mostly to the business organizations so
that they could invest in appropriately and logically. It can also be said that this particular
research would make it easier for the decision making body to make effective decisions based
on the research about investing in properly while developing a website as an ecommerce
platform. The threat modelling technique framework that had been developed as a result
mostly based upon the step by step developmental phase of the website and further discussed
on how the framework should be used to make sure that the website is impermeable to the
external hackers.
However, it is also not to be forgotten that the entire research as a whole should not violate
any kind of ethical framework that is developed during the conduction of a research. Thus,
the research follows how the research had been collecting data from primary and secondary
sources in the most appropriate and ethical way possible and make sure that the observing of
the E-bay, Amazon and Konga e-commerce mobile application users are concern with the
security on this platform. Although the findings of the study were described in details in the
later chapters, this particular section described that there were proper ethical considerations
made during researching about the topic entirely.
The next chapter provided an overview of the security issues in ecommerce and how they
have been addressed or found out about according to the literatures and the research works by
other researcher and analysts in the previous times. The entire chapter in this regard can be
considered as a data collection technique developed through literature review. The articles
previewed and reviewed in this regard would be considered as secondary sources throughout
the research. This particular chapter focuses on all the developed methods that can be
considered as an authenticated mechanism to the in e-commerce websites which are based on
providing personal security identification and access control methods.
This chapter also defines the specific key terms which is required for the awareness of the
reader who would be going through the entire paper. The terms include, fraud, electronic
thief, Security confidentiality, e-commerce integrity, and phishing.
Then the chapter introduces the process of literature review, which is a conducted process
developed for the data collection method through secondary sources. This chapter identifies
the underlying principles in online shopping using credit card and PayPal, the ecommerce
security tools, firewalls, and the types of firewalls. Therefore, the entire structure of the
research has been linked to the research objective and the information or data collected
through the literature review or secondary sources.
This forms the basic criterion for the primary data collection method as the formulated
questions for the research is developed with the help of this particular method of literature
review.
made during researching about the topic entirely.
The next chapter provided an overview of the security issues in ecommerce and how they
have been addressed or found out about according to the literatures and the research works by
other researcher and analysts in the previous times. The entire chapter in this regard can be
considered as a data collection technique developed through literature review. The articles
previewed and reviewed in this regard would be considered as secondary sources throughout
the research. This particular chapter focuses on all the developed methods that can be
considered as an authenticated mechanism to the in e-commerce websites which are based on
providing personal security identification and access control methods.
This chapter also defines the specific key terms which is required for the awareness of the
reader who would be going through the entire paper. The terms include, fraud, electronic
thief, Security confidentiality, e-commerce integrity, and phishing.
Then the chapter introduces the process of literature review, which is a conducted process
developed for the data collection method through secondary sources. This chapter identifies
the underlying principles in online shopping using credit card and PayPal, the ecommerce
security tools, firewalls, and the types of firewalls. Therefore, the entire structure of the
research has been linked to the research objective and the information or data collected
through the literature review or secondary sources.
This forms the basic criterion for the primary data collection method as the formulated
questions for the research is developed with the help of this particular method of literature
review.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
The next chapter is thus utilized for the adapted methodology which enables a clear visibility
of a project by helping to ensure that any necessary decisions can be made at the earliest
possible opportunity. This outcome is normally done to avoid unforeseen circumstances
while there is still time to avoid any risk outcome. In addition to that, research methodology
is an efficient way of effectively managing time for a project. The chapter describes the four
research methodologies were selected to be applied in the analysis process of Threat
Modelling Tools and Technique used in securing e-commerce applications online, which
include, prototype methods, DSDM or Dynamic Systems Development Model, Spring and
Scrum. During this process as well, the ethical considerations have been taken into account
and followed vigorously.
The next chapter frames the data collection process that needs the evidence for the interview
that has been conducted online for the entire research and includes a summary of the entire
conducted research as a result. This helps in finding out all the relevant information that was
needed to be found out during the research process as a whole. This is why the entire research
was conducted to find out the relevant information regarding the security issues in the above
mentioned areas of the ecommerce websites and how a solution can be formulated for the
further development of the ecommerce websites without any sort of security issues occurring
further.
of a project by helping to ensure that any necessary decisions can be made at the earliest
possible opportunity. This outcome is normally done to avoid unforeseen circumstances
while there is still time to avoid any risk outcome. In addition to that, research methodology
is an efficient way of effectively managing time for a project. The chapter describes the four
research methodologies were selected to be applied in the analysis process of Threat
Modelling Tools and Technique used in securing e-commerce applications online, which
include, prototype methods, DSDM or Dynamic Systems Development Model, Spring and
Scrum. During this process as well, the ethical considerations have been taken into account
and followed vigorously.
The next chapter frames the data collection process that needs the evidence for the interview
that has been conducted online for the entire research and includes a summary of the entire
conducted research as a result. This helps in finding out all the relevant information that was
needed to be found out during the research process as a whole. This is why the entire research
was conducted to find out the relevant information regarding the security issues in the above
mentioned areas of the ecommerce websites and how a solution can be formulated for the
further development of the ecommerce websites without any sort of security issues occurring
further.
1 out of 8
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.