Abstract
One of the crucial requirements for electronic commerce (e-commerce) systems is to provide adequate data security, which has been defined in terms of five functionalities (Adam, Dogramaci, Gangopadhyay and Yesha, 1998; Adam, Gangopadhyay and Holowczak, 1998; Kalakota and Whinston, 1996): authentication, authorisation, confidentiality, integrity, and non-repudiation. Authentication refers to the ability to prove the identity of a user and is based on verifying information provided by the user against what is known by the system about the user. Methods of authentication include private information such as passwords, physical devices such as smart cards, and biometric characteristics such as fingerprints. Authorisation involves controlling access to information once authentication is established. Authorisation is accomplished with access control mechanisms for network entities and resources. Confidentiality involves maintaining privacy of information about users. Integrity involves the protection of data from modification, either while in transit or in storage (Bhimani, 1996). E-commerce systems must have the capability of ensuring that data transmissions over networks arrive at their destinations in exactly the same form as they were sent. Changes in data that integrity services must protect against include not only modifications to the data, but also additions, deletions and reordering of parts of the data (Ford and Baum, 1997). Non-repudiation involves proving the identity of the sender of a message. This prevents a sender from denying that a message (such as a purchase order) was actually sent, and from denying responsibility for such a message.
Copyright information
© 1999 Springer-Verlag London
About this chapter
Cite this chapter
Gangopadhyay, A., Adya, M. (1999). Protecting Sensitive Information in Electronic Commerce. In: Sudweeks, F., Romm, C.T. (eds) Doing Business on the Internet. Computer Supported Cooperative Work. Springer, London. https://doi.org/10.1007/978-1-4471-0561-9_7
DOI: https://doi.org/10.1007/978-1-4471-0561-9_7
Publisher Name: Springer, London
Print ISBN: 978-1-85233-030-9
Online ISBN: 978-1-4471-0561-9
eBook Packages: Springer Book Archive