
e-Commerce security — A life cycle approach

Sadhana

Abstract

The rapid evolution of computing and communication technologies, and their standardization, has made the boom in e-commerce possible. Lower operating costs, faster transactions, and easy global reach to customers and vendors are the reasons for the overwhelming popularity of this new way of commerce. This article examines issues related to the security of assets and transactions in e-commerce components and activities. Since large sums of public money are involved in the transactions, the role of information security and privacy is not exaggerated in this kind of business. After examining the technologies used in e-commerce, the article identifies the security requirements of e-commerce systems from perceived threats and vulnerabilities. E-commerce security is then viewed as an engineering management problem, and a life cycle approach is put forward. How e-commerce systems can be made secure using the life cycle approach is outlined. The relevant standards and laws are also discussed from the perspective of e-commerce. The article closes with some future research directions and conclusions.




Cite this article

Sengupta, A., Mazumdar, C. & Barik, M.S. e-Commerce security — A life cycle approach. Sadhana 30, 119–140 (2005). https://doi.org/10.1007/BF02706241


  • DOI: https://doi.org/10.1007/BF02706241
