ISSN: 2168-9695
Advances in Robotics & Automation

How to Set Security Policy for Electronic Commerce Services?

YAU Hon Keung*
Department of Systems Engineering and Engineering Management, City University of Hong Kong, Kowloon Tong, Kowloon, Hong Kong
Corresponding Author : YAU Hon Keung
Department of Systems Engineering and Engineering Management
City University of Hong Kong, Kowloon Tong, Kowloon, Hong Kong
Tel: 852-3442-6158
E-mail: honkyau@cityu.edu.hk
Received December 03, 2013; Accepted December 05, 2013; Published December 07, 2013
Citation: Hon Keung YAU (2013) How to Set Security Policy for Electronic Commerce Services? Adv Robot Autom 2:e115. doi:10.4172/2168-9695.1000e115
Copyright: © 2013 Hon Keung YAU. This is an open-access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.


Introduction
Data leakage has been one of the most important concerns for many big companies, since it can bring enormous loss to the company. In this information technology era, data security has become an essential yet difficult task, since technology evolves every day or even every minute. Electronic commerce is popular all over the world; however, people face many security problems when they perform transactions through a web site. Calder [1] mentioned that the standard (ISO/IEC 27001:2005) can enable organizations throughout the world to ensure that they are applying information security best practice in their organizations.
Security Policy for Electronic Commerce Services
This section covers the secure use of electronic commerce services and of information available in publicly accessible systems. The following are included:
1. Electronic Commerce and Web Servers
2. On-line Transactions
3. Publicly Available Information.
Electronic commerce and web servers
Objective: To protect the companies’ electronic commerce when using public networks.
Justification: Electronic commerce needs to be protected as it is vulnerable to a number of network threats that could result in fraudulent activity, contract dispute, and disclosure or modification of information.
Guidelines: The following need to be considered:
1. The identity of the other party must be authenticated through an authentication mechanism such as public key, digital signatures, digital certificates or even trusted third parties
2. Only authorized users (members) may place orders, set prices or sign trading contracts
3. Confidentiality, integrity, proof of dispatch, order transactions, payment information, delivery address details, confirmation of receipts and contracts should be determined and maintained
4. Liability associated with any fraudulent transactions must be addressed
5. Use the most appropriate settlement form of payment to guard against fraud
6. Payment information supplied by a customer must be verified
7. Avoid loss or duplication of transaction information
8. Address these considerations with cryptographic controls, taking into account compliance with legal requirements
9. For electronic commerce arrangements with trading partners, a documented agreement including details of authorization and agreed terms of trading should be made.
On-line transactions
Objective: To protect the companies’ information used in on-line transactions.
Justification: To protect company and customers from incomplete transmission, misrouting, unauthorized message alteration, unauthorized disclosure, unauthorized message duplication or replay. On-line transactions include contractual and financial amongst others.
Guidelines: The following measures must be considered for online transactions. The level of the risk associated should be considered:
1. Use electronic signatures by both parties involved in the transaction.
2. Ensure that user credentials of all parties are valid and verified
3. Ensure that the transaction remains confidential
4. Ensure that privacy associated with all parties involved is retained
5. The communications paths must be encrypted and the protocols used must be secured; transaction details must be stored in a non-publicly accessible environment and must not be directly accessible via the internet.
6. Where a trusted authority for the purposes of issuing and maintaining digital signatures and/or digital certificates is used, security must be integrated and embedded throughout the entire end-to-end certificate/signature management process.
7. Ensure that transactions comply with laws, rules, and regulations
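An added example, not part of the original article: a receiver-side check that turns the threats named in the Justification above (incomplete transmission, misrouting, alteration, duplication or replay) into explicit rejections. HMAC-SHA256 over a shared key stands in for the electronic signature of guideline 1 (a real deployment would use an asymmetric signature); the names seal, Receiver, MAX_AGE and the envelope fields are assumptions, and the key and orders are constructed sample data.

```python
import hashlib
import hmac
import json

MAX_AGE = 300  # seconds a message stays acceptable (assumed policy value)

def seal(key, sender, recipient, order, nonce, ts):
    # Sender side: JSON body with sorted keys plus an HMAC-SHA256 tag over it.
    body = json.dumps({"from": sender, "to": recipient, "nonce": nonce,
                       "ts": ts, "order": order}, sort_keys=True)
    return {"body": body, "tag": hmac.new(key, body.encode(), hashlib.sha256).hexdigest()}

class Receiver:
    def __init__(self, name, keys):
        self.name, self.keys = name, keys   # keys: sender name -> shared key
        self.seen = {}                      # (sender, nonce) -> message timestamp

    def accept(self, env, now):
        try:
            body = json.loads(env["body"])  # truncated bodies fail to parse
            key = self.keys[body["from"]]
        except (KeyError, TypeError, ValueError):
            return "rejected: malformed or unknown sender"
        want = hmac.new(key, env["body"].encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(want.encode(), str(env.get("tag", "")).encode()):
            return "rejected: altered"
        if body.get("to") != self.name:
            return "rejected: misrouted"
        if abs(now - body["ts"]) > MAX_AGE:
            return "rejected: stale"
        # Forget nonces outside the window; a replay that old is already stale.
        self.seen = {k: t for k, t in self.seen.items() if now - t <= MAX_AGE}
        if (body["from"], body["nonce"]) in self.seen:
            return "rejected: duplicate or replay"
        self.seen[(body["from"], body["nonce"])] = body["ts"]
        return "accepted"

def demo():
    key = b"constructed-demo-key"           # constructed sample key
    shop = Receiver("shop", {"alice": key})
    env = seal(key, "alice", "shop", {"sku": "A1", "qty": 2}, "n-001", 1000)
    altered = dict(env, body=env["body"].replace('"qty": 2', '"qty": 20'))
    return [
        shop.accept(env, 1010),                                            # first delivery
        shop.accept(env, 1020),                                            # same message again
        shop.accept(altered, 1010),                                        # quantity changed in transit
        shop.accept(dict(env, body=env["body"][:-8]), 1010),               # incomplete transmission
        shop.accept(seal(key, "alice", "bank", {}, "n-002", 1000), 1010),  # wrong recipient
        shop.accept(seal(key, "alice", "shop", {}, "n-003", 1000), 2000),  # delivered too late
    ]
```
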
Publicly available information
Objective: To protect the integrity of information made available on publicly available systems.
Justification: Information on a publicly available system could be subject to unauthorized modification or deletion if not properly protected. This could damage the company’s reputation.
Guidelines:
1. Exploitable vulnerabilities should be identified and fixed by carrying out a penetration test before publishing information
2. Formal approval process must be made before publishing information
3. All data obtained from outside sources should be verified and approved.
4. Feedback and information entered directly into systems should be carefully controlled so that it complies with the law, rules, and regulations and is accurate and timely
5. Sensitive information will be properly protected at all stages
6. Only authorized users can have access to the system
References