Tuesday, December 10, 2019
Emerging Technologies and Innovation Security
Question: Discuss bout the Emerging Technologies and Innovation Security. Answer: Introduction E-commerce security is a powerful tool that not only reach markets and improves the service but it also enhances the operation chain of any organization. Although, in nonprofessional terms it is a process of doing business through computer networks but today, it helps in carrying out business in much accessible as well as in easier terms (Hossain, 2015). Conversely, there has been a transformation in getting work done through an individual. Electronic E-commerce that is existed as electronic transformation exchanges but constitutes to hold confidential information in private as well as public organizations. After many transformations as well as advancements still opts to be a major concern over any electronic technologies. Although, with growing issues, ecommerce security has been facing lost trust from technology as well as daily business transactions. On the other hand, m-commerce increases the concern when there is frequent sharing of data that is leading to various compliant issues, data loss in handling payments (Shahzad and Hussain, 2013). However, the authentication and integrity can only be achieved if there are some secure policies that can not only help in analysing the target sites but will also will be bound to check the services of high profile web servers. Overview of the Research Issues The research issues highlight the e-business issues that result in ecommerce issues. The web and the internet technologies in the new virtual world has one of the mainstay of the millions of consumers in the real world such that e-business have to look for challenges in the field of security. The large departments in e-business have been outlined due to the different traditional issues that lead to different security challenges. The filter in the data in accessing data is made to ensure but despite attempts, there have been denial-of-service attacks creating a troublesome security and making e-business with ecommerce inaccessible to consumers, business as well as government (Kleine, 2013). The major issues that have been experienced in the number of systems and networks experiencing online transaction are the security problems in home/client computers where cookie helps in enabling as well as stealing of financial data by the third party hackers. The other possible issue is encryption, which comes up due to wireless networks (Alsharfa, 2015). M-commerce, on the other hand, has been creating problems of data stealing and eavesdropping at showrooms as well as point-of-sale stores. The firewall problems leads to hacking of old as well as new purchasing orders with other processing agents creating problems for the organizations. The other securities that needs considerate amount of revision are computer security (assets that are unauthorized access, alteration or destruction) and logical security (assets that are not secured on nonphysical means) (Carroll, 2014). Overview of the Problems related to E-commerce Security In e-commerce, the security issues have not only origin from the communication but also through internet that have disrupted the flow of information in all directions. The vulnerabilities of these issues have not been intact to consumer network but also have been in different services and network with the privacy issue of the data from business to consumer and business-to-business (Stair Reynolds, 2013). Consumer privacy has been the most common form that has been taking place by hindering the alteration of the data through financial fraud and identity threats. The DDOS as well as phishing attacks highlight that the portal through which the interaction happen to high profile web servers is not safe. As a result, the consumers as well as business are restricting themselves to using e-commerce as well as m-commerce services because without security and trust, the consumers are shifting back to traditional methods (Rahim, 2013). On the other hand, issues in transaction security, system operations as well as personal data security has been threatened by unwanted intrusions. In addition, the earlier hacking attacks have been prominent as the hackers are able to successfully penetrate in the servers and he same has been most common in shopping web servers like yahoo.com, amazon.com, e-bay.com and many more. One more attack that had been common in this scenario have been the sniffer attack that is through encrypting network traffic where the network is transformed into topology switching (Fan et al., 2013). The collapse of network security architectures highlights the hackers shifting to client base through sniffer attacks that had led to two main threats of e-commerce security in client base. Moreover, they are Trojan horse programs and viruses as they disrupt the system and cause a grave threat into breaking into the system; further aligning with data integrity attacks (Basta, Basta, Brown, 2013). Related Work Issue in Ecommerce security encompasses the potential desecration that lead to malicious insiders attacking the security and causing harm. The threats and malicious frauds common in ecommerce are of grave importance, as they possess high potential risk in all kinds of transactions that took over the server levels and lead to code attacks as well as technological failure. As per e-business, e-commerce is an internet-based procedure that is not only threat prone but is also susceptible to threat due to poorly written programmes (Salah, 2013). The threats in ecommerce can be of two types that is active as well as passive such that the former changes the actual data and as a result, ecommerce server receives the fraud data, which can also be known as Man in the Middle Code Attack whereas the latter spies on the transmitted data (Jotwani Dutta 2016). Cybercrimes also constitutes to be a part Ecommerce security because of poor technical infrastructure. Cybercrime also proves to a hold an affecting client security through high profile web servers by infiltrating the communication channel security. The security overview can further be violated while tricking the shopper in online shopping; loopholes and patches serve guessing passwords leads to security hazard plots (Tsele, 2016). Issues and Attacks in E-Commerce Security As per Sen, Ahmed Islam (2015), there are various attacks that can take place in the e-commerce security and that are malicious code attacks and denial of service attacks accompanying various issues to consumer, business and government in transaction, system operations as well as privacy issues. The malicious attacks can be in the form of Trojan Horses as well as Viruses and where the former is a dangerous programming code that can self-replicate and can lead to loss or theft of the data causing possible harm in the system and disrupting the process of ecommerce security barriers. The latter attacks the host file and is the most publicized threat to the client systems. This is evident because of the older operating systems that have in-built security. Overall, it is mostly dependent on the business environment depending the significant worms that have more files and resources. Conversely, the issues that can be identified in the e-business system are software development, network and wireless and mobile issues. The software development issues is based on the debug of the oversight or mistake in the computer program can lead to wrong hands because of formatting of the information and wrong rendering. The exchange of data undertaken in the software systems like changes in the network and communication protocols followed by infiltration in the security patches leads to possible vulnerabilities that are often used as a tool by hackers in stealing information and infecting business system. The other issue that has been highlighted to deal with privacy issue is the threat of basic securities arising from different attacks. According to Singh (2014), the distributed Denial of Service (DDoS) is the attack where many log in requests can be posted in a server for many user ids so that there is a flood of networks and legitimate users do not access the network facilities. The Domain Name System and Attacks leads to replication of databases. SQL injection is the other threat in which the third party (hackers) executes commands in the application databases through clients login. Cross Site Script (XSS) is the way of inserting malicious scripts into web pages is elevated because of admittance privileges that are accessed due to sensitive page content. However, to combat these issues, it is important that secure electronic commerce has been required in secrecy, integrity, availability, key management, authentication and non-repudiation. The secrecy needs to be required in the reading messages related to online payment methods through credit cards or any other confidential information. On the other hand, integrity mechanism builds an envelope in which the digital messages are altered. The availability is acquired for assurance and key management is important for distribution to provide secure communications. Non-repudiation and authentications needs to be through undeniable end-to-end proof to identify messages receipt as well as signatures and certificates. Proposed solution to E-Commerce Security Issues The threats and attacks in e-commerce security is rising, as a result, there is growing concern from the customer that whether the information shared is secured or not leading to loss of trust in online high profile web servers interaction. However, as seen the attacks and threats are result of payments as well as the confidential data shared online while performing online shopping or paying fees and bills online. The possible solutions that can be provided to e-commerce security based on the possible attacks and threats are through personal measures whether limiting the traffic directed to the computer or infected through spyware through Personal Firewalls (Ndunge, 2013). Secondly, it can be done using Secure Socket Layer (SSL) in which the data is transferred in an encrypted form such that all the information that needs to be kept private where can check the certification using https://, which can be recognized. PCI Standard Compliance is the other measure which is merges with the payment card security to provide an extra level of protection for card issues that can sure that the merchants in both online as well as in showrooms using brick and mortar provide basic levels of security in saving client information through transferring the card data. On the contrary, this can be met by other approach as well that is SET (Secure Electronic Transaction) (Miller et al., 2014). Other methods like Digital Signatures and Certificates adds to the basket while keeping authentication as well as integrity through a hash function which states that the numbers are encrypted using a public key which is sent to the recipient so that the message digest volume remains the same (Niranjanamurthy Chahar, 2013). However, the Certificate Authority scrutinizes as well as sanctions this digital document. However, other various methods are even implied to ecommerce security starting with password policies based on guessing passwords such that the login attempts can be reduced to a considerable amount, installing recent software patches in which bugs and vulnerabilities can be reduced from the hackers as soon as they become available (Cobb et al., 2012). Figure: Digital Signature Process Source: (Sethi, 2015) On the other hand, one of the main changes that the e-commerce can achieve is through Public Key Infrastructure in which overall strategy is to work with security mechanism, risk efforts as well as business practices. However, this is distributed using public keys in which secure communication system is established using digital certificates. However, systems in which PKI can be used are emails, various chip card applications, home banking system, value exchange with e-commerce and electronic postal systems (Singh, 2015). Figure: Public Key Infrastructure Source: (Kim et al., 2013) Technology Related Advancements (2010- 2016) Last few years have seen many security incidents that have not only involved breach in the organizations but has also resulted in migration of information from high profile webs servers to web based platforms on an everyday basis and has been growing since then. However, Experts have noted a trend that can be recognized in the cyberspace through types of attacks that have been targeting ecommerce as well as retail organizations as well as their clients. However, with growing concern as well as the maximum number of breaches happening in 2014, there is a need of access control management. Traditionally, control can be performed using complying with the Payment Card Industry Data Security Standard (PCI-DSS) (Palmer, 2014). One method that can be useful is the Cloud Computing in which variety of computer services have been using enterprise software applications as emails and other computer application to get the delivery done over time. Cloud based platforms have been proved to be the s martest to achieve efficiencies and advances in the demand if business strategies (Trend Micro, 2014). On the other hand, the technology that has been broadly classified is Hybrid Encryption Technology in E-commerce Database such that it helps in utilizing mixture innovation and thinking through favourable position having a high as well as rapid effectiveness from the position of entering the username to updating the password (Shrivastava Singh, 2016). The hybrid encryption in performed using original information from the client, is encrypted through a key which produces a cipher text in the internet whereas the same information can be performed using vice versa. Contrary to this, the other method that can be analysed in the ecommerce security is Biometric Technologies, which is suited for different application whether it is to navigate through complex vendors or through eye of future development in standards of technology. The biometric technology needs verification of the client using voice, signature, face, iris and retinal investigation and hand geometry. This is used because any error in network and computer access will lead to shut down access in event of violation of the sensitive data. With biometrics technologies, the arrival of Java 2 Enterprise Edition has been able to support the critical pieces that are needed (Ratha, Connell Pankanti, 2015). However, XML prepares to play a critical role in not only organizing neutral standard data exchange amongst clients, organizations but also implying International Communication Technology (ICT) that combines the role of XML as well as Java Programming language in business to consumer ecomme rce sites (Rahman Dung, 2015). Experimental Analysis The testing ideas of ecommerce issues highlights that though the present system is an automated system but presently it has technology constraints and problems of unreliability with use of authentication and identification. The PIN system used through SSL and SET can be tracked. On the whole, with Biometrics and with arrival of Java 2 Enterprise Edition can be unbeaten which is not easy with Personal Identification Number used. Experimentally, it is seen that non-biometric softwares and recognition of threats as sloe when it comes to retail organizations as it does not tracks the nature of changes augmented (Pande, 2016). Traditionally, the methods used have been considered most beneficial using digital signatures through PKI as a means of verification of integrity of data and authentication. In order to attain legal status it is important to gain asymmetric cryptology employed in its production such that the key is used to decrypt the message. This can be considered as a good system where two parties living far off can perform their own activities while reducing the likelihood of fraud in the transactional as well as personal security. However, non- repudiation of communications are provided using public key cryptography with digital signatures and hash functions (Delfs Knebl, 2015). Conclusion Data security, in this way, is a vital administration and specialized necessity for any proficient and successful instalment exchange exercises over the web. This paper dissect to give a system to various exchange calculation in e-trade to secure the online exchange framework. In any case, security threats about security related matters have grown. Obviously, innovation gives an answer as well. Be it the operation of two-factor authentication, SET, PKI or SSL (Secure Sockets Layer), each piece helps in making the web a more secure spot to make exchanges. Nevertheless, innovation is not the last arrangement. To bring security so that the information do not get lost while transmission and extortion exchange could not happen is our principle concern. We need to discover the answer for this e-trade security issues viably. In conclusion, the difficulties that E-Commerce industry face for the security issues can be minimized by the Implementation of different security convention and rehear sing of encryption, validation, and secrecy. Recommendations Program training, introduction projects will get to be more basic to expand the general masses' consciousness of security on the Internet. IT and monetary control/review bunches inside the ecommerce site ought to frame a union to overcome the general imperviousness to executing security rehearses at the business level. Industry self-direction of shopper security appears to be inadequate. The FTC security study and its proposals to Congress may bring about the presentation of enactment on protection issues. References Alsharfa, R. (2015). Performance Evaluation of TCP Multihoming for IPV6 Anycast Networks and Proxy Placement. Basta, A., Basta, N., Brown, M. (2013).Computer security and penetration testing. Cengage Learning. Carroll, J. M. (2014).Computer security. Butterworth-Heinemann. Cobb, C., Cobb, S., Kabay, M. E., Crothers, T. (2012). Penetrating computer systems and networks.Computer Security Handbook. Delfs, H., Knebl, H. (2015). Public-Key Cryptography. InIntroduction to Cryptography(pp. 49-106). Springer Berlin Heidelberg. Fan, H., Dong, Y., Yu, M., Tung, L. (2013, October). Security Threats against the Communication Networks for Traffic Control Systems. In2013 IEEE International Conference on Systems, Man, and Cybernetics(pp. 4783-4788). IEEE. Hossain, M. (2015).E-commerce in Consumer to Consumer. East West University. Jotwani, V., Dutta, A. (2016). An analysis of E-Commerce Security Threats and Its Related Effective Measures.International Journal,4(6). Kim, T. H. J., Huang, L. S., Perring, A., Jackson, C., Gligor, V. (2013, May). Accountable key infrastructure (AKI): a proposal for a public-key validation infrastructure. InProceedings of the 22nd international conference on World Wide Web(pp. 679-690). ACM. Kleine, D. (2013).Technologies of choice?: ICTs, development, and the capabilities approach. MIT Press. Miller Jr, H. S., Fleet, M. R., Celenza, B. J., Shust, D. (2014).U.S. Patent No. 8,886,937. Washington, DC: U.S. Patent and Trademark Office. Ndunge, K. R. (2013).Security framework for electronic mail systems(Doctoral dissertation, Strathmore University). Niranjanamurthy, M., Chahar, D. D. (2013). The study of e-commerce security issues and solutions.International Journal of Advanced Research in Computer and Communication Engineering,2(7). Palmer, E. (2014). The Importance of Payment Card Industry Data Security Standards for Startup Companies. Pande, M. N. R. (Ed.). (2016). Cyber Attacks and Counter Measures: User.Meta,3, 1Attribution. Rahim, E. R. (2013). Information Security in the Internet Age. InBeyond Data Protection(pp. 157-186). Springer Berlin Heidelberg. Rahman, M. A., Dung, P. M. (2015).Semantics of concurrency in Java(Doctoral dissertation). Ratha, N. K., Connell, J. H., Pankanti, S. (2015). Big Data approach to biometric-based identity analytics.IBM Journal of Research and Development,59(2/3), 4-1. Salah, K. (2013).E-commerce and small and medium enterprises (SME) in least developed countries: the case of Tanzania(Doctoral dissertation, University of Cape Town). Sen, P., Ahmed, R. A., Islam, M. R. (2015). A Study on E-Commerce Security Issues and Solutions. Sethi, R. (2015). Analysis of Security Algorithms used in E-Commerce and ATM Transactions. Analysis, 11(08), 19-24. Shahzad, A. Hussain, M. (2013). Security issues and challenges of mobile cloud computing.International Journal of Grid and Distributed Computing,6(6), pp.37-50. Shrivastava, A., Singh, L. (2016). A new hybrid encryption and steganography technique: a survey. Singh, J. (2014). Review of e-Commerce Security Challenges.International Journal Of Innovative Research In Computer And Communication Engineering,2(2). Retrieved from https://www.ijircce.com/upload/2014/february/1_Review.pdf Stair, R. Reynolds, G. (2013).Principles of information systems. Cengage Learning. Top cloud security trends: A focus on e-commerce. (2014).Trend Micro. Retrieved 24 September 2016, from https://blog.trendmicro.com/top-cloud-security-trends-a-focus-on-e-commerce/ Tsele, L. (2016).4 tech developments we are likely to see more of in 2016.Smesouthafrica.co.za. Retrieved 24 September 2016, from https://www.smesouthafrica.co.za/16306/Tech-developments-to-take-into-2016/.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.