This article describes about the tools and techniques that can be used for the protection of ecommerce websites through the process of authentication and authorization. This literature review describes two design models. The first one is the oriented authentication design model and the other one is the oriented authorization design model. The authentication design model focuses on securing the ecommerce systems from sniffing, brute force, dictionary and replay attacks. It derives the enablers and prescribes the measures for any counter attack. The authorization design model is based on giving people permission about accessing information. This model deals with replay, ID spoofing, session hijacking and bypassing authorization attacks. This section also ponders on the enablers and then on the countermeasures to overcome the problems. This literature review gives an overview of the technological and non technological limitations. The complexities regarding the security issues have led to the development of these design models. It can be concluded from this article that authentication and authorization are of major importance for improving the performance of the ecommerce sites.
This article discusses the importance of the security measures that are needed for protecting the ecommerce website. The websites of the merchants are liable to any type of attack over the internet. Algorithms based on cryptography are essential in order to protect the ecommerce websites. The message digest plays an important role in providing data integrity, authentication and digital signature for the purpose of privacy. This article focuses on the need of a fast and strong algorithm for encryption in a transaction related to ecommerce sites. There have been proposals regarding the chaotic cryptography that include chaotic hash functions and chaotic pseudorandom number generation. Several ecommerce protocols are also discussed like SSL, SET and This literature review proposes a new triangle chaotic map for the purpose of protecting the ecommerce sites.
This literature review focuses on the security issues related to ecommerce and also discusses about the solutions to overcome these issues. Ecommerce security is considered to be a sub part of the framework of information security. The greatest threat in the ecommerce security is the Trojan horse. The reason behind this is that they are able to block or bypass any type of authorization and authentication mechanisms. There are information, negotiation, and payment and delivery phase of an ecommerce transaction. Each of these will have a different type of security measure like access control, identification, and encryption and integrity checks. The security threats like DOS, theft, fraud and unauthorized access are discussed in details. This article also provides a small list to protect oneself of any type of security threat. Security is important and this article also provides guidelines for secure way of shopping online.
This literature review gives an overview of the m-commerce and ecommerce briefing about the relationship between them. It also points out the advantages and disadvantages of the ecommerce and m-commerce sites. The disadvantages are mainly due to the security issues. There are chances of any type of credit card related fraud. It points out how the consumers suffer when their credentials are stolen by the hackers. There are also risks related to phishing attacks and different types of security frauds. Scam identification is another form of threat associated with the ecommerce sites. This article discusses about the security features of ecommerce sites like encryption, auditing, non repudiation and authentication. The protection of the ecommerce assets from any unauthorized access, modification and deletion of data is an essential requirement in maintaining the security of the ecommerce sites.
This article focuses on the various security issues that the ecommerce websites face. It discusses about the purpose of security in the ecommerce sites. This also points out the way of shopping online in a safe manner. The different types of tools that are used for protecting the ecommerce sites are digital certificates, passwords, firewall and public key infrastructure. The e commerce cycle is discussed in brief. There must be mutual trust in case of running a business. The intellectual proper must be protected. This journal presents a model for classifying the threats and mentions the control measures. DOS is considered to be a severe risk in ecommerce. A framework for managing risk in a conceptual manner is discussed. Ecommerce activities are increasing with time and they will replace the physical markets in few years. Protecting such ecommerce sites will protect the consumers from any types of threats. The privacy, confidentiality, availability needs to be maintained.
This article focuses on the challenges and security issues faced in mobile commerce. Mobile commerce is ecommerce facility that is provided in a mobile device. People are able to download the applications of the ecommerce sites in their phones and access the electronic transaction method. Fundamentals of the cellular systems are discussed in brief. Several security flaws are present. These flaws are related to the GPRS authentication and encryption. Security enhancement is done in case of UMTS to protect the m-commerce and ecommerce sites. Authentication protocols are discussed along with the integrity protection and encryption methods. These are the protection methods. M-commerce activities along with ecommerce activities are increasing with time and security protection plays a major role in this context.
This journal discusses about the application level as well as database level security in case of any ecommerce application. There are several categories of application of ecommerce like B2B, C2C, B2C and many more. The proposed system in this paper provides security for server side, client side and transmission of information in a secure manner. The client side security consists of user authentication and authorization module along with access control enforcement. The database module includes encryption of data, digital signature and watermarking. Ecommerce applications can be protected by integrating the security technologies in a proper manner.
This journal suggests that cryptography techniques must be used for the security of the ecommerce websites. Money can be transferred in a secured manner by applying proper techniques of cryptography. Ecommerce transactions have several phases like information, negotiation, payment and delivery phase. Each of the phases can be protected by certain security measures like integrity, digital signatures, encryption and secure delivery. The trust models in ecommerce security are hierarchical, direct and distributed models. Certain ecommerce protocols like SET and SSL are used. Certificate based security mechanisms are provided by a secure ecommerce protocols. Proper protection techniques can be achieved by cryptographic techniques and functions.
This journal focuses on the security threats that are faced by the ecommerce sites. There are certain components of ecommerce systems like merchant account, shopping cart and payment gateway. A well protected ecommerce site will have certain characteristics like privacy, non repudiation and availability. The major threats for an ecommerce sites are Trojan horse, virus attacks and distributed denial of services. Basic education and training of web security will be extremely helpful for the consumers of the ecommerce sites to protect themselves from any security issue. Secure socket layer should be an integral factor in web security. This is known to one of the well known security models. An ecommerce site should be designed by incorporating certain factors like privacy and security.
Ecommerce websites are used for the purpose of buying and selling goods online. These websites involve transactions that take place online over an electronic platform. There are protocols used in cryptography that allows people to interact in a secured manner over any network. MasterCard and Visa have proposed and developed a large number of protocols for the purpose of secure electronic transactions. There are certain challenges and limitations that SET faces. There are various levels of encryption involved. There are hashing techniques, symmetric as well as asymmetric cryptography involved in the process of securing the transactions that are done online. The messages have to go through a number of layers in the socket layer protocol to secure itself from any type of security threats. This article says that SDTS algorithms can be used for the purpose of transferring sensitive data in a secure manner over the internet. It discusses about the online and onsite transaction methods. Secured payments can be done through a system of biometric authentication. The ecommerce sites are vulnerable to various security threats and can be protected by using proper cryptographic algorithms.
This journal discusses about the security issues and threats that are faced by any e-commerce websites. It also presents a set of solutions to overcome the issues. Consumers can get cheated by using their credit cards and debit cards to make payments online. Certain attacks can take place like snooping the computer of the shopper, network sniffing and tricking the shopper to take the password of the users. Denial of service attacks is extremely dangerous as it makes the server perform a large number of tasks so that they exceed the sever limit. This journal also provides certain solutions like educating the users and implementation of personal firewalls. It also suggests that the use of secure socket layer (SSL) can be used for encrypting the information and protecting the data. Server firewalls can be used to make sure that the request of the users can enter via any specific port. Using cookies will also solve the issues of security threat attacks in a system. The use of ecommerce is increasing with time and security plays a major role in the growth and development of the site. It helps to increase the reliability of the site.
AGGARWAL, V. (2014). E-COMMERCE SECURITY ISSUES AND SOLUTIONS: A SURVEY. International Interdisciplinary Research Journal, 2(1).
Gautam, R., & Singh, S. (2014). Network Security Issues in e-Commerce. International Journal Of Advanced Research In Computer Science And Software Engineering, 4(3).
Khandare, N., & Meshram, D. (2013). SECURITY OF ONLINE ELECTRONIC TRANSACTIONS. International Journal Of Technical Research And Applications, 1(5).
MAQABLEH, M. (2012). Analysis and design security primitives based on chaotic systems for ecommerce (Doctoral dissertation, Durham University).
Niranjanamurthy, M., & Chahar, D. D. (2013). The study of e-commerce security issues and solutions. International Journal of Advanced Research in Computer and Communication Engineering, 2(7).
Niranjanamurthy, M., Kavyashree, N., Jagannath, S.,& Chahar, D. (2013). Analysis of e-commerce and m-commerce: advantages, limitations and security issues. International Journal of Advanced Research in Computer and Communication Engineering,2(6).
Prakash, K. (2015). Security Issues And Challenges In Mobile Computing And M-Commerce. International Journal of Computer Science and Engineering Survey, 6(2), 29.
Rane, P. B., & Meshram, B. B. (2012). Application-level and database security for e-commerce application. International Journal of Computer Applications, 41(18).
Rane, P. B., Kulkarni, P., Patil, S., & Meshram, B. B. (2012). Authentication and authorization: tool for ecommerce security. IRACST–Engineering Science and Technology: An International Journal (ESTIJ), 2(1), 150-157.
Revathi., C., Shanthi., K.,& Saranya., A.R.(2015). A Study on E-Commerce Security Issues International Journal of Innovative Research in Computer and Communication Engineering, 3(12)
Yasin, S., Haseeb, K., & Qureshi, R. J. (2012). Cryptography based e-commerce security: a review. International Journal of Computer Science Issues, 9(2), 132-137.
Yusuf Mohamed, A., & M Zeki, A. (2015). The most principle Security Issues In E-commerce. International Journal Of Scientific And Research Publications, 5(12).