A Security Architecture for Electronic Commerce Applications

International Journal of Electrical and Computer Engineering (IJECE), 2022

The huge development of internet technologies and the widespread of modern and advanced devices lead to an increase in the size and diversity of e-commerce system development. These developments lead to an increase in the number of people that navigate these sites asking for their services and products. Which leads to increased competition in this field. Moreover, the expansion in the size of currency traded makes transaction protection an essential issue in this field. Providing security for each online client especially for a huge number of clients at the same time, causing an overload on the system server. This problem may lead to server deadlock, especially at rush time, which reduce system performance. To solve security and performance problems, this research suggests a prototype design for agent software. This agent will play the role of broker between the clients and the electronic marketplace. This is done by providing security inside the client device and converting the client's order into a special form which is called a record form to be sent to the commercial website. Experimental results showed that this method increase system performance in terms of page loading time, transaction processing and improves the utilization of system resources.

In this paper, we discuss the present scenario and future trends of network security in ecommerce, and the requirement of security in e-commerce. Network and data security have become one of the biggest issue because it has decreased the progress of ecommerce. Web service is a key technology to achieve electronic commerce via authentication and transaction of customer. In this paper, we proposed a novel model for secure e-commerce and it will increase usage rapidly of e-commerce throughout the world.

International Journal of Computer Applications, 2014

With the growth of business over the internet, there is more scope of security vulnerabilities over the internet. Despite of many efforts to make internet safe to the users, there is still a possibility for threats. The client, as well as the merchant for the electronic business, always faces problems due to these threats. This paper is an effort to distinguish the threats for the client perspective and the merchant perspective. Further a measure has been defined for securing both the parties over the internet during the electronic business. Further, the measure can be used for the analysis, design of an application, and also, to compare it with other applications.

E-commerce involves the process of buying, selling, and exchanging of products, services, and information via computer networks, primarily the Internet. The objective of this paper is to identify obstacles that facing the implementation of e-commerce system and providing security solutions to protect sensitive information. In the practical part the paper presents the design and implementation of secure site that allow the customers to search and buy products at anytime and anyplace through the Internet. All data are archived and stored in the proposed system, so that the administrator can easily search and retrieve information at any time and can make changes to them.

Computers & Security, 2005

The major reason why most people are still sceptical about e-commerce is the perceived security and privacy risks associated with e-transactions, e.g., data, smart cards, credit cards and exchange of business information by means of online transactions. Today, vendors of e-commerce systems have relied solely on secure transaction protocols such as SSL, while ignoring the security of server and client software. This article, Secure Business Application Logic for e-commerce Systems, discusses a key weak link in e-commerce systems: the business application logic. Although the security issues of the front-end and back-end software systems in e-commerce application warrant equal attention, but this research focuses on the Security of Middle Tier of e-commerce server that implements the business application logic and traditionally, e-commerce sites implemented the middle tier of software on the web server using CGI. We also present strategies for secure business application logic: good design and engineering, secure configuration, defensive programming and secure wrappers for server-side software.

IJARCCE

It is the trading or in products or services using computer networks like Internet or online social networks. Here the Business conducted through the use of computers, telephones, fax machines, barcode readers, credit cards, automated teller machines (ATM) or other electronic appliances without the exchange of paper-based documents or physically moving to a shopping mall. It includes activities such as procurement, order entry, transaction processing, online payment, authentication, inventory control, order fulfillment, shipment, and customer support. When a buyer pays with a bank card swiped through a magnetic-stripe-reader, he or she is participating in e-commerce. E-commerce Security is a part of the Information Security framework and is specifically applied to the components that affect ecommerce including of Data security and other wider realms of the Information Security framework. E-commerce security is the protection of e-commerce assets from unauthorized access, use, alteration, or destruction. Dimensions of e-commerce security-Integrity, Non-repudiation, Authenticity, Confidentiality, Privacy, Availability. Ecommerce offers the banking industry great opportunity, but also creates a set of new risks and vulnerability such as security threats, hackings. Therefore it is an essential management and technical requirement for any efficient and effective Payment transaction activities over the internet. Due to the constant technological and business change and requires a coordinated match of algorithm and technical solutions. In this paper we discussed with Overview of security for ecommerce, various steps to place an order, Security purpose in E-commerce, various security issues in E-commerce, guidelines for secure online shopping etc.

International Journal of Computer Applications, 2012

E-commerce applications are becoming popular day by day as they are working like a virtual shop. Today's distributed ecommerce applications typically rely upon various technologies in their realization, including the web, scripting languages, server-side processing and an underlying database. The combination of these technologies creates a system that requires attention to the security issues of each component and the system as a whole. Hence security related to authentication, authorization and transaction database need to be managed carefully.

VFAST Transactions on Software Engineering, 2023

INTRODUCTION Electronic commerce (e-commerce and mcommerce) offers non-cash payment options such as credit cards, debit cards, smart cards, electronic fund transfers through bank websites, and other electronic payment options with 24-hour service availability. It is automating businesses process and offer clients services. It is accessible everywhere and at all times. It broadens the audience for company marketing and promoting of their goods and services. It assists in better product/service marketing management. It increases sales since orders may be produced for the items at anytime, anyplace, and without the need for human participation. It significantly increases current sales volumes. It encourages and offers several options for pre and post-sale support to give clients better services. Additionally, it offers automated inventory control. When necessary, reports are immediately created. Management of the product inventory becomes incredibly effective and simple to maintain. It offers methods for quicker, more effective, and dependable communication with partners and consumers. There are main areas in which the benefits of internet commerce may be roughly divided. With a minimal financial commitment, businesses may expand their markets to include both domestic and foreign markets. Across the world, a firm may simply find additional clients, the best suppliers, and compatible business partners. Digitizing information aids firms in lowering the cost to produce, process, disseminate, retrieve, and manage paper-based information. It boosts the company's brand image. Better customer service is made

World Academy of Research in Science and Engineering, 2020

ABSTARCT In this paper a data protection method that allows to increase the secrecy of the transfer of confidential information during electronic trading operations via the Internet and the mechanism of ensuring e-commerce security to meet the requirements of business applications related to e-commerce and the secrecy of the signed messages through the use of a hash chameleon are proposed. As well a scheme of integrated e-commerce environment and a method for assessing the security of information resources in integrated e-commerce systems are built up.

International Journal of Networked and Distributed Computing, 2019

Every distributed system requires a secure environment for its users. Security becomes even more important if users exchange sensitive information and value, across the network. An e-commerce environment is an example of a distributed system in which security is of a high priority. It is important that messages are confidential and tamper proof; users cannot repudiate transactions, and only authorized and properly authenticated users can access resources. These functionalities require proper security layer to provide access and sharing functions between the e-commerce systems and their respective customers. A Distributed Security Management System (DSMS) provides these services/functionalities. The DSMS is a security middleware for e-commerce servers, which coordinates secure communication, access and sharing of resources between the distributed applications, objects, databases and entities that make up the system. It is designed to provide an interface between clients and the databases of the merchants in a secure way, such that authorized clients can retrieve and send information to the system securely. It is required to have high quality and high tolerance for errors since the server is required to be always available continually. It must also have a user-friendly interface and feature set. The DSMS design discussed in this paper provides these requirements using public and private key systems, data encryption standard encryption, log files and a secure hashing algorithm. A prototype of the system was implemented using the Java security platform.