E-Commerce Solutions Create New Security Responsibilities

Previous page
Table of content
Next page

The breadth of information security in e-commerce applications is broader than you might expect. Many system architects and developers are accustomed to thinking about security as a low-level topic, dealing only with networks, firewalls, operating systems, and cryptography. However, e-commerce is changing the risk levels associated with deploying software, and, as a consequence, security becomes an important design issue for any software component.

The scope of e-commerce security is so broad because these applications typically cut across lines of business. There are many examples of new business models that drive security needs:

  • E-commerce

  • Cross-selling and customer relationship management

  • Supply chain management

  • Bandwidth on demand[1]

E-Commerce

E-commerce sites on the Internet rely on credit card authorization services from an outside company. A federated relationship between an e-commerce company and a credit card service depends on trustworthy authenticated communication.

Cross-Selling and Customer Relationship Management

Cross-selling and customer relationship management rely on customer information being shared across many lines of business within an enterprise. Cross-selling allows an enterprise to offer a customer new products or services based on existing sales. Customer relationship management allows the enterprise to give consistent customer support across many different services. These e-commerce services are very valuable, but if they are not properly constrained by security policies, the services may violate a customer’s wishes for privacy.

Supply Chain Management

Supply chain management requires continuing communication among all of the suppliers in a manufacturing chain to ensure that the supply of various parts is adequate to meet demand. The transactions describing the supply chain that are exchanged among the enterprises contain highly proprietary data that must be protected from outside snooping.

Bandwidth on Demand

Bandwidth on demand allows customers to make dynamic requests for increases in the quality of a telecommunication service and to get instant results. Bandwidth on demand is an example of self-administration, where users handle many of their own administrative functions rather than relying on an administrator within the enterprise to do it for them. Self-administration provides better service for customers at a lower cost, but comes with significant security risks. Because corporate servers that were previously available to system administrators are now accessible by end users, security mechanisms must be in place to ensure that sensitive administrative functions are off-limits.

In each of the cases previously described, one enterprise or line of business can expose another organization to increased security risk. For example, a partner can unintentionally expose your business to security attack by providing their customers access to your business resources. As a result, security risk is no longer under the complete control of a single organization. Risks must be assessed and managed across a collection of organizations, which is a new and very challenging security responsibility.



Previous page
Table of content
Next page
Electronic Commerce (Networking Serie 2003)
Electronic Commerce (Charles River Media Networking/Security)
ISBN: 1584500646
EAN: 2147483647
Year: 2004
Pages: 260
Authors: Pete Loshin
BUY ON AMAZON
Oracle Developer Forms Techniques
MySQL Clustering
Competency-Based Human Resource Management
The Lean Six Sigma Pocket Toolbook. A Quick Reference Guide to Nearly 100 Tools for Improving Process Quality, Speed, and Complexity
HTI+ Home Technology Integrator & CEDIA Installer I All-In-One Exam Guide
Digital Character Animation 3 (No. 3)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy