Implementation of Trust Issues in Ecommerce

This paper is based on security of E-commerce web sites. It uses web mining technology for providing security on e-commerce web sites. The connection between web mining security and ecommerce analyzed based on user behavior on web . Different web mining algorithms and security algorithm are used to provide security on e-commerce web sites. Based on customer behavior web mining algorithms like page rank algorithm and trust rank algorithm is used for developing web mining framework in e-commerce web sites. This application will develop false hit database algorithm and nearest neighbor algorithm to provide security on e-commerce web site. It will also develop page rank & trust rank algorithm for providing security on e-commerce site

THE INVESTIGATION OF THE FACTORS ASSOCIATING CONSUMERS’ TRUST IN E-COMMERCE ADOPTION

The success of electronic commerce significantly depends on providing security and privacy for its consumers’ sensitive personal information. Consumers’ lack of acceptance in electronic commerce adoption today is not merely due to the concerns on security and privacy of their personal information, but also lack of trust and reliability of web vendors. Consumers’ trust in online transactions is crucial for the continuous growth and development of electronic commerce. Since Business to Consumer (B2C) e-commerce requires the consumers to engage the technologies, the consumers face a variety of security risks. This study addressed the role of security, privacy and risk perceptions of consumers to shop online in order to establish a consensus among them. The findings provided reliability, factors analysis for the research variables and for each of the study’s research constructs, correlations as well as regression analyses for both non-online purchasers’ and online purchasers’ perspectives, and structural equation modeling (SEM) for overall model fit. The overall model was tested by AMOS 18.0 and the hypothesis, assumptions for SEM and descriptive statistics were analyzed by SPSS 12.0. The empirical results of the first study indicated that there were poor correlations existed between consumers’ perceived security and consumers’ trust as well as between consumers’ perceived privacy and consumers’ trust regarding e-commerce transactions. However, the construct of perceived privacy manifested itself primarily through perceived security and trustworthiness of web vendors. While trustworthiness of web vendors was a critical factor in explaining consumers’ trust to adopt ecommerce, it was important to pay attention to the consumers’ risk concerns on ecommerce transactions. It was found that economic incentives and institutional trust had no impact on consumers’ perceived risk. Findings from the second study indicated that perceived privacy was still to be the slight concern for consumers’ trust in e-commerce transactions, though poor vi i relationships or associations existed between perceived security and consumers’ trust, between trustworthiness of web vendors and consumers’ trust, and between perceived risk and consumers’ trust. The findings also showed that the construct of perceived privacy manifested itself primarily through perceived security and trustworthiness of web vendors. It was found that though economic incentives influenced a consumers’ perceived risk in online transactions, institutional trust had no impact on consumers’ perceived risk. Overall findings suggested that consumers’ perceived risk influenced their trust in e-commerce transactions, while the construct of perceived privacy manifested itself primarily through perceived security as well as trustworthiness of web vendors. In addition, though economic incentives had no impact on consumers’ perceived risk, institutional trust influenced a consumers’ perceived risk in online transactions. The findings also suggested that economic incentives and institutional trust had relationships or associations with consumers’ perceived privacy. The findings from this research showed that consumers’ perceived security and perceived privacy were not mainly concerned to their trust in e-commerce transactions though consumers’ perceived security and perceived privacy might slightly influence on the trustworthiness of web vendors in dealing with online store sites abroad. Furthermore, consumers’ perceptions on the trustworthiness of web vendors were also related to their perceived risks and the concern about privacy was also addressed to perceived risks. Index terms: Perceived security; perceived privacy; perceived risk; trust; consumers’ behaviour; SE

Beyond the Hype: On Using Blockchains in Trust Management for Authentication

Trust Management (TM) systems for authentication are vital to the security of online interactions, which are ubiquitous in our everyday lives. Various systems, like the Web PKI (X.509) and PGP's Web of Trust are used to manage trust in this setting. In recent years, blockchain technology has been introduced as a panacea to our security problems, including that of authentication, without sufficient reasoning, as to its merits.In this work, we investigate the merits of using open distributed ledgers (ODLs), such as the one implemented by blockchain technology, for securing TM systems for authentication. We formally model such systems, and explore how blockchain can help mitigate attacks against them. After formal argumentation, we conclude that in the context of Trust Management for authentication, blockchain technology, and ODLs in general, can offer considerable advantages compared to previous approaches. Our analysis is, to the best of our knowledge, the first to formally model and argue about the security of TM systems for authentication, based on blockchain technology. To achieve this result, we first provide an abstract model for TM systems for authentication. Then, we show how this model can be conceptually encoded in a blockchain, by expressing it as a series of state transitions. As a next step, we examine five prevalent attacks on TM systems, and provide evidence that blockchain-based solutions can be beneficial to the security of such systems, by mitigating, or completely negating such attacks.Comment: A version of this paper was published in IEEE Trustcom. http://ieeexplore.ieee.org/document/8029486

Using Control Frameworks to Map Risks in Web 2.0 Applications

Web 2.0 applications are continuously moving into the corporate mainstream. Each new development brings its own threats or new ways to deliver old attacks. The objective of this study is to develop a framework to identify the security issues an organisation is exposed to through Web 2.0 applications, with specific focus on unauthorised access. An extensive literature review was performed to obtain an understanding of the technologies driving Web 2.0 applications. Thereafter, the technologies were mapped against Control Objectives for Information and related Technology and Trust Service Principles and Criteria and associated control objectives relating to security risks. These objectives were used to develop a framework which can be used to identify risks and formulate appropriate internal control measures in any organisation using Web 2.0 applications. Every organisation, technology and application is unique and the safeguards depend on the nature of the organisation, information at stake, degree of vulnerability and risks. A comprehensive security program should include a multi-layer approach comprising of a control framework, combined with a control model considering the control processes in order to identify the appropriate control techniques.Web 2.0, Security risks, Control framework, Control Objectives for Information and related Technology (CobiT), Trust Service Principles and Criteria

European Digital Libraries: Web Security Vulnerabilities

Purpose – The purpose of this paper is to investigate the web vulnerability challenges at European library web sites and how these issues can affect the data protection of their patrons. Design/methodology/approach – A web vulnerability testing tool was used to analyze 80 European library sites in four countries to determine how many security vulnerabilities each had and what were the most common types of problems. Findings – Analysis results from surveying the libraries show the majority have serious security flaws in their web applications. The research shows that despite country-specific laws mandating secure sites, system librarians have not implemented appropriate measures to secure their online information systems. Research limitations/implications – Further research on library vulnerability throughout the world can be taken to educate librarians in other countries of the serious nature of protecting their systems. Practical implications – The findings serve to remind librarians of the complexity in providing a secure online environment for their patrons and that a disregard or lack of awareness of securing systems could lead to serious vulnerabilities of the patrons' personal data and systems. Lack of consumer trust may result in a decreased use of online commerce and have serious repercussions for the municipal libraries. Several concrete examples of methods to improve security are provided. Originality/value – The paper serves as a current paper on data security issues at Western European municipal library web sites. It serves as a useful summary regarding technical and managerial measures librarians can take to mitigate inadequacies in their security implementation

Towards successful e-Payment systems: An empirical identification and analysis of critical factors

This research aims to explore the factors relating to e-payment system to be implemented where electronic processes enable the facilitation of online transactions. A secondary analysis revealed six factors which are argued to be ‘critical’ for customer adoption of these systems. The findings were further augmented by an online survey of 155 respondents where the perceived importance of the critical factors were correlated through: security, trust, perceived advantage, assurance seals, perceived risk and usability. The results demonstrate that three of the critical factors were necessary (security, advantage, web assurance seals) and three were relatively sufficient (perceived risk, trust and usability) through customer intentions to adopt an e-payment system. The study provides a valid overall awareness that these critical factors are important in designing a successful e-payment system

Security for Grid Services

Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed "virtual organizations." The dynamic and multi-institutional nature of these environments introduces challenging security issues that demand new technical approaches. In particular, one must deal with diverse local mechanisms, support dynamic creation of services, and enable dynamic creation of trust domains. We describe how these issues are addressed in two generations of the Globus Toolkit. First, we review the Globus Toolkit version 2 (GT2) approach; then, we describe new approaches developed to support the Globus Toolkit version 3 (GT3) implementation of the Open Grid Services Architecture, an initiative that is recasting Grid concepts within a service oriented framework based on Web services. GT3's security implementation uses Web services security mechanisms for credential exchange and other purposes, and introduces a tight least-privilege model that avoids the need for any privileged network service.Comment: 10 pages; 4 figure