E-commerce security issues

E-commerce security issues

Without trust, most prudent business operators and clients may decide to forgo use of the Internet and revert back to traditional methods of doing business. To counter this trend, the issues of network security at the e-commerce and customer sites must be constantly reviewed and appropriate counterm...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Marchany, R.C., Tront, J.G.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Computer hacking
Computer networks
Computer security
Counting circuits
Information security
Internet
Network servers
Privacy
US Government
Wires
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Without trust, most prudent business operators and clients may decide to forgo use of the Internet and revert back to traditional methods of doing business. To counter this trend, the issues of network security at the e-commerce and customer sites must be constantly reviewed and appropriate countermeasures devised. These security measures must be implemented so that they do not inhibit or dissuade the intended e-commerce operation. This paper will discuss pertinent network and computer security issues and will present some of the threats to e-commerce and customer privacy. These threats originate from both hackers as well as the e-commerce site itself. A straightforward comparison could be made of the security weaknesses in the postal system vs. security weaknesses on the Net. The vulnerable spots in both cases are at the endpoints - the customer's computer/network and the business' servers/network. Information flowing in the conduit (trucks/planes and wires) is relatively immune to everyday break-ins. Privacy issues are amongst the major drivers for improved network security along with the elimination of theft, fraud and vandalism. Two major threats to customer privacy and confidence come from sources both hostile to the environment as well as sources seemingly friendly. Coordinated attacks on Yahoo, eBay, ZDNet, Buy.com (on their IPO day) and amazon.com generated a huge amount of publicity and a federal government response. A brief description of these attacks will be given in this paper. Another threat may originate at ostensibly friendly companies such as DoubleClick, MemberWorks and similar firms that collect customer information and route it to other firms. Much of this transaction information is able to be associated with a specific person making these seemingly friendly actions potential threats to consumer privacy. Many of the issues and countermeasure discussed here come from experiences derived with consulting with clients on how to maintain secure e-commerce facilities. These methods and techniques can be useful in a variety of client and server environments, also serving to alert e-commerce users of potential threats.
DOI:10.1109/HICSS.2002.994190