E-commerce Security Tools
E-commerce security is the protection of e-commerce assets from unauthorized access, use, alteration, or destruction. While security features do not guarantee a secure system, they are necessary to build a secure system. Dimensions of E-commerce Security:
1. Integrity – The ability to ensure that information being displayed on a web site or transmitted or received over the internet has not been altered in any way by an unauthorized party.
2. Nonrepudiation – The ability to ensure that e-commerce participants do not deny (i.e. repudiate) their online actions.
3. Authenticity – The ability to identify the identity of a person or entity with whom you are dealing in the internet.
4. Confidentiality – The ability to ensure that messages and data are available only to those who are authorized to view them.
5. Privacy – The ability to control the use of information about oneself.
6. Availability – The ability to ensure that an e-commerce site continues top function as intended.
E-Commerce Security Tools
Security is an essential part of any transaction that takes place over the internet. Customer will loose his/her faith in e-business if its security is compromised. The various E-Commerce Security Tools are as follows:
1. Firewalls – Software and Hardware.
2. Public Key infrastructure.
3. Encryption software.
4. Digital certificates.
5. Digital Signatures.
6. Biometrics – retinal scan, fingerprints, voice etc.
7. Locks and bars – network operations centres.
1. Firewalls – Software and Hardware
Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria. Firewalls can be either hardware or software but the ideal firewall configuration will consist of both. In addition to limiting access to your computer and network, a firewall is also useful for allowing remote access to a private network through secure authentication certificates and logins.
2. Public Key infrastructure
A public key infrastructure (PKI) supports the distribution and identification of public encryption keys, enabling users and computers to both securely exchange data over networks such as the Internet and verify the identity of the other party. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking and confidential email.