Abstract
This paper suggests a framework that can be used to identify the security requirements for a specific electronic commerce environment. The first step is to list all the security requirements for an electronic commerce environment in general. Next, all participants need to be identified. The transactions are then broken down into different autonomous actions. These actions are mapped onto the participants involved, and this mapping serves as a model for the electronic commerce environment. This information is then used to identify the security requirements for a secure electronic commerce environment. The security requirements, in turn, are used to develop the security architecture, consisting of appropriate security procedures, mechanisms and policy.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35515-3_53
Copyright information
© 2000 IFIP International Federation for Information Processing
About this paper
Cite this paper
Labuschagne, L. (2000). A framework for electronic commerce security. In: Qing, S., Eloff, J.H.P. (eds) Information Security for Global Information Infrastructures. SEC 2000. IFIP — The International Federation for Information Processing, vol 47. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35515-3_45
DOI: https://doi.org/10.1007/978-0-387-35515-3_45
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5479-7
Online ISBN: 978-0-387-35515-3
eBook Packages: Springer Book Archive