Online security in e-business refers to the practices and techniques that are employed to protect sensitive information and data of e-businesses, their customers, and other stakeholders from unauthorized access, theft, modification, or destruction. With the increasing reliance on technology and the internet, e-businesses face a variety of security threats that can result in financial losses, damage to reputation, and loss of customer trust.
To mitigate these risks, e-businesses need to implement robust security measures, which include secure connections, strong authentication, regular software updates, strong passwords, data encryption, and regular security audits. In today’s highly competitive digital marketplace, online security is not only a regulatory requirement but also a critical business necessity that can significantly impact an e-business’s success and sustainability.
Table of Contents
- 1 Elements of Online Security
- 2 Managing Client Computer Security
- 3 Managing Server Computer Security
- 4 The solution to Database Threats
- 5 Firewalls
- 6 Security Standards
Elements of Online Security
Threats to online security primarily involve information or data theft. Thus, it is important to deploy online security measures while keeping in mind the three basic elements of online security. These elements are as follows:
Authentication and Authorization
These processes determine whether an individual or a website is actually what it claims to be. In a computer network, authentication or authorization is usually carried out using user names and passwords: knowledge of the password is taken as proof that the user is genuine. The difficulty with passwords is that they can be stolen, accidentally revealed, or forgotten.
Because of this, organizations and individuals using the Internet for business or other transactions require a more stringent authentication procedure than passwords alone. For example, organizations are adopting digital certificates based on the Public Key Infrastructure (PKI) as an authentication measure. Through PKI, individuals can exchange information or funds using a pair of public and private cryptographic keys. These keys are issued through a trusted certificate authority.
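The password weakness described above (a stolen credential store revealing every password) is usually addressed by storing only a salted, slow hash of each password and comparing in constant time. The following is an added Python example, not code from the original page; the credential store, user names and passwords are constructed for illustration, and the iteration count follows current PBKDF2 guidance rather than anything the page specifies.

```python
import hashlib
import hmac
import os
from typing import Optional

# Cost factor for PBKDF2-HMAC-SHA256; raise it over time as hardware gets faster.
PBKDF2_ITERATIONS = 600_000


def hash_password(password: str, salt: Optional[bytes] = None) -> dict:
    """Return a storable record: a random per-user salt plus the slow hash of the password."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return {"salt": salt, "digest": digest, "iterations": PBKDF2_ITERATIONS}


def verify_password(record: dict, candidate: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    candidate_digest = hashlib.pbkdf2_hmac(
        "sha256", candidate.encode("utf-8"), record["salt"], record["iterations"]
    )
    return hmac.compare_digest(candidate_digest, record["digest"])


class CredentialStore:
    """Constructed in-memory user store; only salted hashes are kept, never passwords."""

    def __init__(self) -> None:
        self._records: dict = {}
        # Dummy record so that checking an unknown user costs the same time as a real one.
        self._dummy = hash_password(os.urandom(16).hex())

    def register(self, username: str, password: str) -> None:
        self._records[username] = hash_password(password)

    def authenticate(self, username: str, password: str) -> bool:
        record = self._records.get(username, self._dummy)
        ok = verify_password(record, password)
        # A match against the dummy record must never count as a login.
        return ok and username in self._records


def stored_digest(store: CredentialStore, username: str) -> bytes:
    """Expose the stored digest so a caller can confirm it is not the password itself."""
    return store._records[username]["digest"]


if __name__ == "__main__":
    store = CredentialStore()
    store.register("alice", "correct horse battery staple")
    print("alice, right password:", store.authenticate("alice", "correct horse battery staple"))
    print("alice, wrong password:", store.authenticate("alice", "password123"))
    print("unknown user         :", store.authenticate("mallory", "anything"))
```

Two users who choose the same password end up with different stored digests because each record has its own random salt, so a stolen copy of the store does not reveal shared passwords, and `hmac.compare_digest` keeps the comparison time independent of how many bytes match.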
Integrity
The integrity of information or data refers to the assurance that data exchanged over the Internet can be accessed or altered only by authorized users. It involves:
- Regulating the physical environment of networks and servers
- Limiting access to data
- Following stringent authentication procedures
The process of ensuring data integrity involves various procedures such as:
- Allowing server accessibility to network administrators only
- Protecting the transmission media, such as cables and connectors, to avoid tapping
- Shielding the hardware and storage media from power surges, electrostatic discharges, and magnetism
Confidentiality
Confidentiality refers to the practice of preventing sensitive information from reaching unauthorized individuals who may have malicious intentions. It also ensures that entitled individuals can access the information when required.
It is essential to ensure the confidentiality of data over data networks that allow accessibility and anonymity of usage, especially where sensitive data such as bank accounts, credit card details, and personal information are concerned. Some methods of ensuring confidentiality are:
Encryption
Encryption transforms data into an unreadable form, known as ciphertext, so that unauthorized users cannot interpret it. The intended recipient converts the ciphertext back into its original form (the plaintext); this reverse process is known as decryption.
Biometrics
This is a method of verifying an individual’s identity by evaluating his/her unique biological traits, such as fingerprints, retina and iris patterns, and voice patterns.
Apart from authentication, authorization, integrity, and confidentiality, online security involves various other security concerns. The following table lists these concerns:

| Concern | Description |
| --- | --- |
| Accessibility | To ensure that users can access the resources and services that are open to them. |
| Non-repudiation | To ensure that the creators of messages cannot deny having transmitted them. |
| Availability | To ensure that a network is available, operational, and functional at a given time. DoS attacks are a major concern in this regard. |
| Privacy and copyright infringement | To ensure that users have the right to control the information being collected about them, who uses it, and how. |
Managing Client Computer Security
All computers connected to the Internet can be categorized into two types, which are:
- Server Computers: The computers that provide Web services to other computers in a network are called server computers.
- Client Computers: The computers that receive Web services are referred to as client computers.
Both server and client computers are susceptible to security threats, such as malicious code, DoS attacks, or theft, all of which need to be managed through appropriate measures. Client computer security is therefore an important concern.
Client computer security can be maintained by using four essential components. Let us discuss these components in detail.
Antivirus Software
Antivirus software is used to prevent, detect, and remove malicious software (malware), such as viruses and worms. It performs the following basic functions:
- Scanning specific files or directories for any malware
- Scheduling automatic system scans to trace any malware
- Initiating the scan of any data storage devices, such as floppy discs, compact discs, pen drives, or flash drives, at any given time
- Removing the detected malicious code
- Alerting the user of an infected file or Website on the Internet
Anti-spyware Software
Anti-spyware software protects against spyware. Spyware is software that gathers a person’s or organization’s information without his/her consent or knowledge, and may forward this information to other organizations, again without the owner’s consent.
Network Virus Defence
A network virus is malicious software that spreads within a network. It can be extremely damaging, as it may pass to every client computer in the network and bring the entire network to a halt. The main defense against network viruses is a firewall, which prevents unauthorized access into a network.
Firewalls are implemented in hardware, in software, or both. Once a firewall is in place, every message entering or leaving a computer has to pass through it. The firewall checks whether each message meets a set of specified criteria (its rules) before letting it pass; a message that does not meet the criteria is blocked.
Outbreak Defense
Outbreak defense refers to a combination of services that defend networks in the event of a global network outbreak. It repairs client computers exposed to viruses or malware during the outbreak, using the vulnerability pattern held by the server.
A vulnerability is a flaw that enables an attacker to bypass the system’s security and disable its security features. The vulnerability pattern directs the scan engine to scan for known vulnerabilities so that they can be remedied with proper defense mechanisms.
In e-commerce, the security of customers is a major concern. Millions of transactions and sensitive information are exchanged exposing customers to various threats to their security. The client computers need to be empowered with robust defense mechanisms to build confidence in online trading and transactions and, hence, the promotion of e-commerce.
Managing Server Computer Security
E-commerce is the transaction of goods and services and the payment for those goods and services over the Internet. Due to its high dependence on the Internet for all transactions, it is a highly vulnerable target for online risks and attacks.
All e-commerce transactions take place at systems that serve as server computers. These server computers can be viewed as the ‘place of business’, consisting of the website that displays products and services, customer database, and payment gateways.
As e-commerce transactions are highly dependent on server computers, e-commerce servers are also exposed to various security threats. Any attack on the server might prove disastrous to the organization. Thus, server security acquires great significance.
A secure server system supports one or more of the major security protocols used to encrypt and decrypt messages, guarding against tampering by third parties. It translates users’ personal information into a form that an unauthorized user cannot read. To ensure the security of a server system, the server administrator can implement the following security options:
These are designed to provide the following support services to each server under their control:
- Logging support
- Returning messages to connections
- Permitting a server to accept requests from internal clients
Secure Sockets Layer (SSL)
This is a cryptographic protocol designed to provide information security over the Internet. It encrypts data while it travels over the network, so that the data is unreadable in transit, and decrypts it on delivery. This provides three basic elements of information security: authentication of the communicating parties, integrity, and confidentiality of the data. (SSL itself has been superseded by its successor, Transport Layer Security (TLS), but the name SSL is still widely used for the same function.)
Threats to E-business Servers
To be able to manage the security of server computers, it is important to understand prevailing threats to e-business servers. These threats fall into two general categories, which are:
Threats From an Actual Attacker
These include a deliberate introduction of malicious code, such as worms or viruses, into the server or transmission threats, such as DoS attacks.
Technological Threats
These can involve issues such as a network that is not organized properly, which might result in data loss during transmission, especially in the case of wireless access. Poorly coded programs behind an e-commerce website are the most susceptible to technological threats.
An e-commerce server generally uses an Operating System (OS), such as Windows XP or Windows 7; server software, such as Internet Information Services (IIS); and a database, such as Oracle or SQL Server 2000. Any security flaw in these platforms exposes the server to technological threats and attacks. Note that the versions named here have reached the end of vendor support and no longer receive security updates; running unsupported software is itself a technological threat.
Threats to Database
Just like servers, databases are also exposed to security threats. They are the most vulnerable asset to security threats because they are the core of any business and contain sensitive and confidential data related to processes, customers, inventory, and finance.
When malicious individuals (both outside and inside the organizations) gain access to sensitive data, they can damage, destroy, or misuse information impacting business operations. Major threats to the database can be:
Privilege Abuse
When the privileges given to users for day-to-day operations exceed their requirements, the chances of privilege abuse increase. For instance, in a financial institution, a database administrator may turn off the audit trail, or create bogus accounts and transfer money from one account to another, thus abusing the privilege intentionally.
Vulnerabilities in Operating Systems
Operating systems such as Windows, Linux, and Unix contain vulnerabilities that may affect the databases running on them, leading to unauthorized access or to DoS attacks.
Database Rootkits
These are programs and procedures that exist in a database but are not visible to users. Database rootkits provide administrator-level privileges to an individual to access the data in the database.
The solution to Database Threats
The following solutions are proposed to counteract the security risks that databases may face.
- Discovery and Assessment
- User Rights Management
- Monitoring and Blocking
- Data Protection
- Non-technical Security
Discovery and Assessment
One of the most effective measures to protect a database is to identify vulnerable areas and assess loopholes. For example, identifying malware-infected machines prevents viruses, worms, and other threats from reaching sensitive information in databases and stops the infection from spreading further. An organization must also identify sensitive data and classify it separately from the rest of its information. This helps the organization focus its security effort on the sensitive data, using stronger authentication and scanning tools.
User Rights Management
An organization assigns its users different levels of access to its systems, distinguishing users with broad privileges from those with limited privileges. Reviewing these assignments shows whether user access rights are suitably defined according to each individual’s role and responsibilities.
In this way, the organization can remove unnecessary rights assigned to users. Attackers often use such excessive rights to impersonate users and gain access to sensitive data. Therefore, removing excessive rights helps the organization secure its data against malware.
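The user-rights review described in this section, and the privilege-abuse scenario from the threats section (a database administrator able to switch off the audit trail and move money), can be expressed as a comparison between what each account has been granted and what its roles actually require. The following is an added Python example, not code from the original page; the role names, privilege names and user accounts are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed role baselines: the privileges each role needs for day-to-day work.
ROLE_BASELINE = {
    "cashier": {"orders:read", "orders:create"},
    "support": {"orders:read", "customers:read"},
    "dba": {"schema:alter", "backup:run", "audit:read"},
}


@dataclass
class User:
    name: str
    roles: set
    granted: set  # privileges actually present in the system for this account


def required_privileges(roles) -> set:
    """Union of the baselines of all roles the user holds."""
    needed = set()
    for role in roles:
        needed |= ROLE_BASELINE.get(role, set())
    return needed


def excess_privileges(user: User) -> set:
    """Granted privileges that none of the user's roles justifies."""
    return user.granted - required_privileges(user.roles)


def review(users) -> dict:
    """Map each user holding excess rights to the sorted list of those rights."""
    return {u.name: sorted(excess_privileges(u)) for u in users if excess_privileges(u)}


def revoke_excess(user: User) -> set:
    """Remove and return the excess rights, leaving only what the roles require."""
    removed = excess_privileges(user)
    user.granted -= removed
    return removed


def is_authorized(user: User, privilege: str) -> bool:
    """Deny by default: allow only if the privilege is granted AND justified by a role."""
    return privilege in user.granted and privilege in required_privileges(user.roles)


def sample_users():
    # Constructed accounts. The DBA carries "audit:disable" and "accounts:transfer",
    # the combination the privilege-abuse paragraph warns about.
    return [
        User("alice", {"dba"}, {"schema:alter", "backup:run", "audit:read",
                                "audit:disable", "accounts:transfer"}),
        User("bob", {"cashier"}, {"orders:read", "orders:create"}),
        User("carol", {"support"}, {"orders:read", "customers:read", "customers:export"}),
    ]


if __name__ == "__main__":
    users = sample_users()
    print("excess rights before review:", review(users))
    for u in users:
        removed = revoke_excess(u)
        if removed:
            print(f"revoked from {u.name}: {sorted(removed)}")
    print("excess rights after review :", review(users))
```

Note that `is_authorized` refuses a privilege that was granted but is not justified by any role, so even before the review runs, the excess rights cannot be exercised through this check; the review then removes them so they cannot be exercised through any other path either.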
Monitoring and Blocking
This involves monitoring database access activities and usage patterns. Monitoring helps the organization identify data outflow, unauthorized transactions, or DoS attacks. If there is an attempt to access data without authorization, the system should generate an alert or terminate the user’s session.
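The two responses named above, an alert on suspicious data outflow and termination of a session after repeated unauthorized access attempts, can be driven from the database’s own access log. The following is an added Python example, not code from the original page; the log format, user names, timestamps and thresholds are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed database access log; every value in it is made up for the example.
SAMPLE_LOG = """\
2024-05-02T10:00:01 user=bob action=SELECT table=orders rows=12 status=OK
2024-05-02T10:00:05 user=bob action=SELECT table=payroll rows=0 status=DENIED
2024-05-02T10:00:09 user=bob action=SELECT table=salaries rows=0 status=DENIED
2024-05-02T10:00:12 user=bob action=UPDATE table=audit_log rows=0 status=DENIED
2024-05-02T10:01:00 user=carol action=SELECT table=customers rows=250000 status=OK
2024-05-02T10:02:00 user=dave action=SELECT table=orders rows=3 status=OK
this line is not in the expected format
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) action=(?P<action>\S+) "
    r"table=(?P<table>\S+) rows=(?P<rows>\d+) status=(?P<status>OK|DENIED)$"
)


def parse_line(line: str):
    """Return a dict for a well-formed line, or None for anything that does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None  # malformed lines are skipped rather than trusted
    event = m.groupdict()
    event["rows"] = int(event["rows"])
    return event


def analyse(log_text: str, denied_threshold: int = 3, outflow_rows: int = 100_000):
    """Return the monitor's actions, in the order they are triggered.

    - 'terminate_session' once a user reaches denied_threshold unauthorized attempts
    - 'alert_outflow' when a single successful query returns outflow_rows or more
    """
    denied_count = defaultdict(int)
    terminated = set()
    actions = []
    for line in log_text.splitlines():
        event = parse_line(line)
        if event is None or event["user"] in terminated:
            continue
        if event["status"] == "DENIED":
            denied_count[event["user"]] += 1
            if denied_count[event["user"]] >= denied_threshold:
                actions.append(("terminate_session", event["user"], event["ts"]))
                terminated.add(event["user"])
        elif event["rows"] >= outflow_rows:
            actions.append(("alert_outflow", event["user"], event["table"], event["rows"]))
    return actions


if __name__ == "__main__":
    for action in analyse(SAMPLE_LOG):
        print(action)
```

The thresholds are parameters because the right values depend on the application: a reporting user may legitimately pull large result sets, so the outflow limit is best set per role or per table rather than globally.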
The most common way for viruses or worms to enter a system is through Internet downloads or applications. Therefore, the first line of defense in any system is a firewall, which identifies and blocks the websites that initiate malware attacks.
An organization should audit the physical security of data centers and the logical security of databases to identify vulnerable systems. This will help it to reduce risks involved in such areas.
Data Protection
This involves various methods of protecting sensitive data from leakage, such as archiving, encrypting, or compressing it. An organization can combine data protection techniques with data auditing to monitor and regulate the users who come into contact with the database.
Non-technical Security
Database security also requires certain non-technical considerations. For example, it is important to provide proper training to administrators and technicians to improve their security knowledge and skills. An organization can also hire third-party security specialists to help with implementation and security assessments and to provide training and support to administrators.
Firewalls
A firewall is a necessary and effective tool for managing the security of server computers. It is named after a physical firewall, a wall built between buildings to prevent a fire from spreading. In computer terminology, a firewall is a software program or hardware device that prevents viruses or worms from reaching a computer connected to the Internet.
Consider how a firewall protects a network from outside threats. An organization installs a firewall to prevent outsiders from gaining access to private data.
The firewall works closely with a router and examines each network packet to regulate incoming and outgoing network traffic. It is usually installed on a dedicated computer, distinct from the others in the network, so that an incoming request cannot gain direct access to private network resources.
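The rule-checking behaviour described here and in the client-security section (every packet is compared against specified criteria, and anything that fails is blocked) is, at its core, a first-match packet filter with a default deny. The following is an added Python example, not code from the original page; the rule set, the address ranges (203.0.113.0/24 is a documentation range standing in for the organization’s public addresses, 10.0.0.0/8 for its private network) and the sample packets are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    direction: str  # "in" (arriving from the Internet) or "out" (leaving for the Internet)
    src: str
    dst: str
    protocol: str   # "tcp" or "udp"
    dport: int      # destination port


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    direction: str = "any"
    src: str = "0.0.0.0/0"       # CIDR range the source address must fall in
    dst: str = "0.0.0.0/0"       # CIDR range the destination address must fall in
    protocol: str = "any"
    dport: Optional[int] = None  # None means any port

    def matches(self, pkt: Packet) -> bool:
        return (
            self.direction in ("any", pkt.direction)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
            and self.protocol in ("any", pkt.protocol)
            and (self.dport is None or self.dport == pkt.dport)
        )


def filter_packet(rules, pkt: Packet) -> str:
    """First matching rule decides; a packet that no rule covers is denied."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


# Constructed rule set for a small e-commerce site: only HTTPS to the public
# web server comes in, nothing from outside reaches private hosts, and internal
# clients may initiate outbound connections.
RULES = [
    Rule("allow", "in", dst="203.0.113.10/32", protocol="tcp", dport=443),
    Rule("deny", "in", dst="10.0.0.0/8"),
    Rule("allow", "out", src="10.0.0.0/8"),
]


if __name__ == "__main__":
    samples = [
        Packet("in", "198.51.100.7", "203.0.113.10", "tcp", 443),   # customer to web server
        Packet("in", "198.51.100.7", "10.0.1.5", "tcp", 3306),      # outsider to database host
        Packet("in", "198.51.100.7", "203.0.113.10", "tcp", 22),    # no rule: default deny
        Packet("out", "10.0.1.5", "198.51.100.7", "tcp", 443),      # internal client going out
    ]
    for pkt in samples:
        print(f"{pkt.direction:>3} {pkt.src} -> {pkt.dst}:{pkt.dport}/{pkt.protocol}: "
              f"{filter_packet(RULES, pkt)}")
```

The ordering of `RULES` is part of the policy: because the first match wins, the specific allow for port 443 has to precede the broad deny, and the default-deny return at the end of `filter_packet` is what ensures that a service nobody thought to write a rule for is blocked rather than exposed.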
Security Standards
To manage security issues in e-commerce, specific security standards have been defined for e-payment. These standards are built on the integrity, confidentiality, and accessibility of the exchanged data.
The security standards for e-payment are outlined by PCI DSS. PCI DSS is a product of the Payment Card Industry Security Standards Council, formed by participating payment brands such as Visa International, MasterCard, American Express, Diners Club, and JCB International. It is a global forum that aims to store, distribute, implement, and improve security standards for account data protection.
The objective of PCI DSS is to establish a global standard for addressing the vulnerabilities and risks associated with handling credit and debit card data across all industries. A payment gateway that complies with PCI DSS must ensure that the transaction data and card information it receives are never shared or used for any other purpose.