DEVELOP A SECURITY PLAN

Although website security is an extensive subject that is well beyond the scope of this book, this section will discuss the main points of a good e-commerce security plan, as a piece of a website’s overall reliability architecture. With an effective security system, a website can create an environment that promotes e-commerce and private communications by establishing a climate that is safe from robbery and fraud.

Security is a subject most business executives try to avoid since they feel that discussing their business’s security procedures and policies might add to the risk of an attack. However, without such a discussion, it is difficult for these same executives to be aware of the constantly evolving technology that can help a web-based business.

As you develop your security plan, always be cognizant that a secure e-commerce environment requires:

  • Access control, usually managed by a firewall, which regulates the data flow.
  • Authentication, which binds the identity of an individual to a specific message or transaction.
  • Data privacy and integrity, which ensure that communications and transactions remain confidential and accurate and have not been modified.

While there are a number of security concerns that must be addressed by all web-based businesses, some websites’ security needs will differ from others. For example:

  • Some, but not all, e-commerce operations will necessitate opening up specific data resources (e.g. databases) to trusted third parties. But while doing so, the e-commerce operator must ensure that the same data isn’t accessible by other, unauthorized, parties.
  • Most e-commerce sites will want to allow their customers to know how much a widget attachment will cost as the order is being entered, but that same customer should not be allowed to see the cost of another customer’s order.
  • Many sites will want to allow their customers to be able to view, copy, and print the status of all of their outstanding orders via the business’s website, but at the same time block those customers from copying the entire database(s) in which the information is stored.

Many of today’s systems do not readily handle this level of security, but that is just what is needed to support a good e-commerce website. Although we won’t visit specialized security needs as discussed in the preceding bullet list (only you know what security systems will best protect those assets), we will look at what it takes, generally, to protect a website, its contents, and customers.



The Complete E-Commerce Book, Second Edition: Design, Build & Maintain a Successful Web-based Business
ISBN: B001KVZJWC
Year: 2004
Pages: 159
