E-Commerce: Information Security Report

Exclusively available on Available only on IvyPanda® Written by Human No AI

Introduction

The process of buying and selling goods and services through the internet and other social sites is referred to as e-Commerce. An e-commerce website is a link or a virtual market that creates an avenue for buying and selling. Creating an e-commerce website requires some components in order to work efficiently.

These components include security requirements, system confidentiality requirements, audit requirements, and legal requirements to mention a few. When their requirements are assembled together, it would create an online market for the buying and selling of goods and services.

Security Requirements

The security of a website would determine how safe trading could be on the site. Security of the server is the most important aspect of an e-commerce site. To secure your website, there should be a secured host security, internet connection security, coding and decoding security. The configuration of the web server should be safe, and this is the first place for an attack should there be loophole on the website.

When the web configuration is secured, you would have to put in place preventive measures that would sanitize every transaction made on the website. This means that there should have secured policies that would thoroughly check every transaction, this would guard against fraud. Remember to update your security measures regularly because fraudsters would always be at your site looking for a loophole.

Note that your files should be encrypted to avoid internet fraud. For example, when you are using master cards for transactions, these numbers have to be encrypted to avoid fraudulent activities. For example, shoppers at the King Jewelry are encouraged to suggest ways to bolster the website’s security. The security requirements must define the roles, procedures, transactions, and information stored in the system.

What is more, the internal and remote access to King Jewelry website is well protected. The website also employs other techniques to ensure that the data on King Jewelry website is protected properly (Musa, Norwawi & Selamat, 2012, p. 48).

System Confidentiality Requirements

In order to gain trust and confidentiality of your customers, the site owner must put some measures in place to boost customer confidentiality.

Quality Website design

Customers would be free to transact business on sites that are well designed graphically. When the site is poorly created, it would not attract customers and that reduces customer confidentiality.

A good online service

Customers are satisfied wen there problems are solved immediately. When the contact information is visible and easy to find, it is a step forward in building consumer confidentiality. Additionally, the customer services should be reachable and working on a daily basis, this would give the website a competitive advantage.

Accessibility options should be functional

A customer would love to examine a website before engaging in business. When these sites have accessibility, functions that would enable the customer navigate through the sites even as a guest, this would build the consumer confidence.

The protection of personal information is critical in attaining customer trust. The opinions of end-users on King Jewelry website are influenced by the magnitude and status of the business, marketing, printed testaments of previous users, and suggestions of colleagues.

To put it another way, some shoppers build trust in King Jewelry website based on the positive features within the system. The positive features are defined as the salient characteristics of trusts present within King Jewelry website. For example, Che-Hussin (2006) states that “trust can be presented in terms of a trusted third party, privacy policy, company address, contact person, and ease of navigation” (p. 236).

Data Integrity Requirements

Data integrity is a critical aspect in any online business (Blythe, 2006, p. 21). Data integrity lends credence to the consistent and accurate transmission of information within the e-commerce website. There are many ways to demonstrate data integrity within the e-commerce website. For example, King Jewelry website uses a data – hash technique to reduce incidences of information tampering.

Nonetheless, data tampering can still take place via a number of techniques including man-in-the-middle attack and Phishing attack. It is against this backdrop that the King Jewelry website has a robust security and verification measures (i.e. Digital signatures) to curb data tampering (Blythe, 2006, p. 21).

Blythe (2006) defines the digital signature as electronic symbols or characters used by end-users to validate a message. An asymmetric key cryptology is used to generate electronic signatures. For example, the King Jewelry website uses two electronic keys to validate incoming and outgoing messages. The first key is used to encrypt outgoing data. The second key is used to decrypt incoming data.

Thus, digital signatures are very useful for online transactions because they allow remote users to corroborate their identities and diminish the probability of data tampering. The King Jewelry website also has a non-repudiation system, which it uses to corroborate the source and origin of incoming messages.

In addition, the King Jewelry website uses electronic signatures (with hash keys and public-key cryptography) to facilitate non-repudiation of messages. Thus, the King Jewelry website uses digital signatures to not only mitigate technical attacks, denial of service attacks, and Phishing attacks but also fulfill data integrity requirements (Blythe, 2006, p. 22).

Audit Requirements

The audit requirements in the King Jewelry website generally address issues pertaining to information system auditing. The King Jewelry website uses auditing techniques to test data integrity, assess programs, and review controls. In addition, the website has qualified auditors who are capable to detect and mitigate potential risks facing the website.

In addition, the auditors have relevant knowledge regarding the network and system change management. This knowledge embraces proficiency in dealing with different software products procured internally or externally (Pathak, Hussein & Ahmad, 2008, p. 2).

The auditors are also proficient in website audit/review given that King Jewelry website interfaces with end-users via different levels of portals. The auditors use their vast knowledge and experience to edit King Jewelry website (Pathak, Hussein & Ahmad, 2008, p. 3).

Hosting and managing an e-commerce site could be difficult when it involves risk management. The risk of operating the website requires a good understanding of the country’s policies and legal requirement. Operating an e-commerce website in Australia requires that some basic guide:

  1. Customer’s privacy is paramount
  2. The website must provide the terms and agreement for any transactions, and the security and privacy policy must be shown to avoid complex problems
  3. The order manifest and shipping details should be displayed on the site
  4. The site must be registered with the board management and other relevant agencies such as data management agents

According to Hussin, Suhaimi and Mustafa (2005), e-commerce entails using a computer system to procure and sell products. Concisely, the emergence of e-commerce is principally attributed to the internet technology. Consequently, the Australian Code of Ethics has outlined specific legal requirements relating to e-commerce (Bowern, 2012, p. 1).

For example, the Australian Code of Ethics stipulates that King Jewelry website must protect confidential information of customers. In addition, the website is required to safeguard the integrity of information transmitted within the system (Bowern, 2012 p. 3).

References

Blythe, S. (2006) Cyber law Of Japan: Promoting E‐Commerce Security, Increasing Personal Information Confidentiality, And Controlling Computer Access. Journal of Internet Law, 10, 20‐26.

Bowern, M. (2012). ACS Code of Ethics Case Studies & Related Clauses to the Code of Conduct. Australia: Australian Computer Society.

Che-Hussin, A. (2006). Building Trustworthy E-Commerce Website. Malaysia: University Technology of Malaysia.

Musa, B., Norwawi, N., & Selamat, H. (2012). Securing the Application Layer in E-Commerce. International Journal of Advanced Science, 2 (5), 47-50.

Pathak, J., Hussein, A., & Ahmad, S. (2008). What E-commerce Audit Planners Should Remember. Ontario, Canada: ISACA.

More related papers Related Essay Examples
Cite This paper
You're welcome to use this sample in your assignment. Be sure to cite it correctly

Reference

IvyPanda. (2019, June 2). E-Commerce: Information Security. https://ivypanda.com/essays/e-commerce-information-security/

Work Cited

"E-Commerce: Information Security." IvyPanda, 2 June 2019, ivypanda.com/essays/e-commerce-information-security/.

References

IvyPanda. (2019) 'E-Commerce: Information Security'. 2 June.

References

IvyPanda. 2019. "E-Commerce: Information Security." June 2, 2019. https://ivypanda.com/essays/e-commerce-information-security/.

1. IvyPanda. "E-Commerce: Information Security." June 2, 2019. https://ivypanda.com/essays/e-commerce-information-security/.


Bibliography


IvyPanda. "E-Commerce: Information Security." June 2, 2019. https://ivypanda.com/essays/e-commerce-information-security/.

If, for any reason, you believe that this content should not be published on our website, please request its removal.
Updated:
This academic paper example has been carefully picked, checked and refined by our editorial team.
No AI was involved: only quilified experts contributed.
You are free to use it for the following purposes:
  • To find inspiration for your paper and overcome writer’s block
  • As a source of information (ensure proper referencing)
  • As a template for you assignment
1 / 1