Abstract
The rapid evolution of computing and communication technologies and their standardizations have made the boom in e-commerce possible. Lowering of the cost of operation, increase in the speed of transactions, and easy global reach to customers and vendors have been the reasons for the overwhelming popularity of this new way of commerce. This article examines the issues related to the security of the assets and transactions in the e-commerce components and activities. Since large public money is involved in the transactions, the role of information security and privacy is not exaggerated in this kind of business. After examining the technologies used in e-commerce, the article goes on to identify the security requirement of e-commerce systems from perceived threats and vulnerabilities. Then e-commerce security is viewed as an engineering management problem and a life cycle approach is put forward. How the e-commerce systems can be made secure using the life cycle approach is outlined. The relevant standards and laws are also discussed in the perspective of e-commerce. The article closes with some future research directions and conclusions.
Similar content being viewed by others
References
Bums S 2002 Unique characteristics of e-commerce technologies and their effects upon payment systems. GSEC (GIAC Security Essentials Certification) —Version 1.3
COBIT 2000 Control objectives for information and related technology: COBIT, 3rd edn, July 2000, Released by the COBIT Steering Committee and the IT Governance Institute
Duggal P 2000Cyberlaw in India — An analysis (New Delhi: Saaksharth)
ISO/TEC 2000 Information technology — Code of practice for information security management. ISO/IEC 17799: 2000(E)
Kalakota R, Whinston A B 1999Frontiers of e-commerce (Reading, MA: Addison-Wesley/Longman)
Mazumdar C, Barik M S, Das S, Roy J, Barkat M A 2003 Final technical report for project development of validated security processes and methodologies for webbased enterprises
Schneider G P, Perry J T 2001Electronic commerce. Course Technology, Cambridge, MA
SSE-CMM 2003 Systems security engineering capability maturity model. SSE-CMM, Model Description Document Version 3.0, June 15, 2003
Varshney U, Vetter R J, Kalakota R 2000 Mobile commerce: a new frontier.Computer Oct.: 32–38
Author information
Authors and Affiliations
Rights and permissions
About this article
Cite this article
Sengupta, A., Mazumdar, C. & Barik, M.S. e-Commerce security — A life cycle approach. Sadhana 30, 119–140 (2005). https://doi.org/10.1007/BF02706241
Issue Date:
DOI: https://doi.org/10.1007/BF02706241