932 research outputs found

    The Systematization of Disturbances Act upon E-commerce Systems

    There are many processes on Internet, on web servers, in ERP and company running an e-commerce system which can be influenced by disturbances. In order to minimize their impact it is necessary to identify and collect all disturbances, to determine their evaluation metric and to propose necessary remedies. Modifications proposed should be tested by means of modeling taking internal and external environment needs into consideration. Necessary information can be captured using the e-commerce system components monitoring. Particular system environment properties like company structure, system architecture, hardware, software, methods of connection with the supplier's e-commerce system, customer communication interface are to be taken into account. Important social indicators like legislative and economic development, development of the global information society and others should also be considered. Disturbance and failure models can be designed using various methods like e.g. multi-agents modeling, simulations, fuzzy methods modeling etc. Generic e-commerce system model using control circuit as a fundamental notion can be used as a base for modeling.
    Keywords: e-commerce system, disturbances, categorization of disturbances, modeling of disturbances, agent, simulation of disturbances

    Proposing a secure component-based-application logic and system’s integration testing approach

    Software engineering moved from traditional methods of software enterprise applications to component based development for distributed system’s applications. This new era has grown up for last few years, with component-based methods, for design and rapid development of systems, but fact is that, deployment of all secure software features of technology into practical e-commerce distributed systems are higher rated target for intruders. Although most of research has been conducted on web application services that use a large share of the present software, but on the other side Component Based Software in the middle tier, which rapidly develops application logic, also open security breaching opportunities. This research paper focus on a burning issue for researchers and scientists, a weakest link in component based distributed system, logical attacks, that cannot be detected with any intrusion detection system within the middle tier e-commerce distributed applications. We proposed An Approach of Secure Designing application logic for distributed system, while dealing with logically vulnerability issue

    Policy driven security architectures for eBusiness

    The dawning of the twenty-first century and genesis of a new millennium has been extremely kind to technological advance. Industries and society alike have reaped the extreme benefits of technology at its finest. Technological progress has also proven to be extraordinarily beneficial to businesses and their bottom lines when properly employed. The need for automated business logic and functionality has spawned numerous concepts and efforts to capitalize on advanced business requirements. Probably the most popular and revolutionary to date of all initiatives is the advent of eBusiness. A direct descendant of Electronic Data Interchange (EDI), eBusiness has and continues to evolve into more than a phenomenon, but rather a sound component of successful corporations and organizations. The evolution and acceptance of eBusiness has created a ripple effect throughout the technical and business worlds. The promise of this wonderful concept and its accompanying technology has forced companies to completely rethink strategic planning efforts, and to sit up and pay full attention to this ever-growing development. One area that has been extremely affected by the wide spread acceptance of eBusiness and its counterparts are the architectures and infrastructures now utilized to support these efforts. Enterprise architectures that had originally been designed to shield internal business activities from the public eye of the Internet and other domains have been either replaced, redesigned, or melded with new architectural designs that proclaim companies and their offerings to the world, all in a digital atmosphere. This proclamation can be exceptionally lucrative and damaging, all at the same time. The conception of the Internet has without a doubt been the single most important episode in the continuing fairytale and illumination of technological advance. 
What once was considered the Underground Railroad of information; limited to universities, research groups, and government organizations has become the Autobahn of electronic data, and continues to evolve and transcend barriers and boundaries. The ability to surpass traditional barriers such as geography and distance serves as a definite attraction for organizations to eBusiness, and a tremendous amount of companies are acting upon this attraction. However, the dark side of the Internet is a playground for adversaries such as, but not limited to hackers (crackers), lone criminals, malicious insiders (disgruntled employees), industrial spies, media representatives, organized crime, terrorists, national intelligence organizations, special interest groups, competitors, script kiddies, and infowarriors to name a few. All of these can and should be considered a potential danger while individuals and organizations alike interact via the Internet and private networks as well. Nowhere are the aforementioned dangers as prevalent as they are in the increasingly popular world of e. eBusiness, eCommerce, eMarketPlaces, eAuctions, eSupplyChains, etc., etc.; the list goes on and on. The digitization of data is big business, and organizations are realizing the infinite potential involved with participating in these markets, as well as utilizing it to streamline day-to-day business operations and management. Around the globe scores of innovative, thought-provoking systems are deployed daily to feed upon the e landscape and take advantage of this new and exciting world of prosperity. However, the same factions that make haste to establish an Internet or web-based presence and rush to take advantage of digital data and goods are often the very ones that almost always either forget, simply neglect, or place a low priority on an absolute vital necessity of all e-efforts. Security! 
Therefore, the intent of this thesis is to examine and introduce methodical approaches to designing and implementing security life cycles that are driven by policy for secure eBusiness architectures. In order to provide the necessary assurance and security needed for eBusiness architectures efficient well thought out life cycles must be employed for security practices. Security, like any other component of Information Technology (IT) is not a hit or miss scenario. It is a continuous and meticulous process that is all encompassing of all veins of an enterprise. In order to design a secure architecture a procedural approach must be taken, so that all threats, vulnerabilities, adversaries, holes, nooks, and crannies are covered. Even after all these things have been addressed there is no such thing as an impenetrable system or infrastructure, especially in a networked environment. Given enough time and resources the strongest of confines can be made as vulnerable as a home PC connected to the Net. This is especially true for those systems that operate over public networks such as the Internet. Therefore, processes and procedures must be introduced, refined and constantly managed to maintain a secure state of operation. This text will illustrate the process of assessing technical environments utilized for eBusiness initiatives and gathering requirements for secure operation. Then taking those requirements and developing a functional security policy to govern over the system. Next, the document will discuss extracting requirements from the actual security policy and using them to create a plan of implementation. Also, during the implementation phase exists several testing and assurance activities that should be addressed. After, the overall implementation is completed and deployed, streamlined processes must be applied and properly managed to ensure that the hardened solution continues to function, as it should. 
An adequate cycle is much more intensive than described above, and this thesis will provide the detail needed to thoroughly address the concepts described here

    Securing small business - the role of information technology policy

    As small and medium enterprises develop their capacity to trade electronically, they and their trading partners stand to gain considerable benefit from the resulting transaction efficiencies and business relationships. However, this raises the question of how well small business manages its IT security and the threats that security lapses may pose to the wider trading network. It is in the interest of all members of an electronic trading network, as well as governments, to assist smaller companies to secure their business data. This paper considers the relationship between IT security management and IT policy implementation among small businesses involved in business-to-business eCommerce. It reports the results of a survey of 240 Australian small and medium businesses operating in a cross-industry environment. The survey found a low level of strategic integration of eCommerce along with inadequate IT security among the respondents, despite the fact that 81% were doing business online and 97% identified their business data as confidential. Businesses which implemented satisfactory levels of security technologies were more likely than others to have an information technology policy within the organisation. The paper proposes a model that outlines the development of security governance and policy implementation for small and medium businesses.

    Exploring The Role Of Cyber Security Measures (Encryption, Firewalls, And Authentication Protocols) In Preventing Cyber-Attacks On E-Commerce Platforms

    The present study seeks to examine the significance of cybersecurity measures, specifically encryption strength (ES), firewall configuration (FC), and authentication protocols (AP), in protecting e-commerce platforms against cyber-attacks. The data collection process involved the administration of a survey to IT professionals responsible for overseeing e-commerce operations in a range of organisations located in Saudi Arabia. A convenience sampling method was employed to distribute a total of 300 questionnaires, out of which 190 completed responses were selected for analysis. The measurement model, which encompassed variables such as ES, FC, AP, security training (ST), cyber-attack incidents (CAI), customer trust (CT), and incident response time (IRT), was estimated using the structural equation model in Amos. The results of this study provide insights into the relationship between cybersecurity measures and their influence on the frequency of cyberattacks. The study highlights the significance of encryption, firewall configuration, and authentication protocols in strengthening e-commerce platforms. Additionally, this study examines the impact of security training on the improvement of overall cybersecurity posture and its subsequent effect on customer trust. The examination also takes into account the duration of incident response as a critical element in minimising the consequences of cyber incidents. The findings obtained from this study contribute to a more comprehensive comprehension of the cybersecurity environment within the realm of electronic commerce

    A Security Supervision System for Hybrid Networks

    The traditional way of protecting networks and applications with e.g., firewalls and encryption, is no longer sufficient to protect effectively emerging hybrid wired-cum-wireless networks including ad hoc networks. Intrusion detection mechanisms should be coupled with preventive measures so as to identify unauthorised abuses. To this end, we propose a novel Hybrid Distributed Security Operation Center (HDSOC) which collects logs that are generated by any application/service, layer of the protocol stack or resource (e.g., router), providing a global view of the supervised system based on which complex and distributed intrusions can be detected. Our HDSOC further (i) distributes its capabilities and (ii) provides extensive coordination capabilities for guaranteeing that both the networks and the HDSOC components do not constitute isolated entities largely unaware of each other

    Business intelligence as the support of decision-making processes in e-commerce systems environment

    The present state of world economy urges managers to look for new methods, which can help to start the economic growth. To achieve this goal, managers use standard as well as new procedures. The fundamental prerequisite of the efficient decision-making processes are actual and right information. Managers need to monitor past information and current actual information to generate trends of future development based on it. Managers always should define strictly what do they want to know, how do they want to see it and for what purpose do they want to use it. Only in this case they can get right information applicable to efficient decision-making. Generally, managers' decisions should lead to make the customers' decision-making process easier. More frequently than ever, companies use e-commerce systems for the support of their business activities. In connection with the present state and future development, cross-border online shopping growth can be expected. To support this, companies will need much better systems providing the managers adequate and sufficient information. This type of information, which is usually multidimensional, can be provided by the Business Intelligence (BI) technologies. Besides special BI systems, some of BI technologies are obtained in quite a few of ERP (Enterprise Resource Planning) systems. One of the crucial questions is whether should companies and firms buy or develop special BI software, or whether they can use BI tools contained in some ERP systems. In respect of this, there is a question if the modern ERP systems can provide the managers sufficient possibilities relating to ad-hoc reporting, static and dynamic reports and OLAP analyses. One of the main goals of this article is to show and verify Business Intelligence tools of Microsoft Dynamics NAV for the support of decision-making in terms of the cross-border online purchasing. 
Pursuant to above-mentioned, in this article authors deal with problems relating to managers' decision-making, customers' decision-making and a support of its using the BI tools contained in ERP system Microsoft Dynamics NAV. A great deal of this article is aimed at area of multidimensional data which are the source data of e-commerce systems.
    Keywords: Business Intelligence, decision-making, e-commerce system, cross-border online purchasing, multi-dimensional data, reporting, data visualization