Data Security in the Digital Era:
Issues and Challenges

Dr. Jayanti Goyal                    Anjali Vijayvargiya

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

 

 

 

 

Author Details

Dr.
Jayanti Goyal                                                                    Anjali
Vijayvargiya

 HOD,
Dept. of Computer Science                                        Assistant
Professor,

Kanoria PG Mahila Mahavidyalaya                                        Kanoria
PG Mahila Mahavidyalaya

Address:                                                                                  Address:

 

Contact
No.: +91-9828458172                                               Contact
No.: +91-9461641495

E-mail:
[email protected]                                         E-mail:
[email protected]

 

 

 

 

Abstract:

Data
plays an important aspect in our daily routine; whether it is for accessing the
bank account or it is for paying the bill over the network. At present, in this
generation of digitalization, personal information vulnerabilities have
increased so far. So security becomes a crucial part in any online transaction.
This information can keep private by various security measures, including
strong authentication, encryption and digital signatures; each ensuring that
our precious data is available only to those who have authorized access rights.
These security measures are very capable to prevent unauthorized access of
personal data. There are 2 major concerns for both e-commerce customers and
websites; Privacy is the control over one’s own data whereas Security
is the protection which prevents unauthorized access on the data over the network.
Customers will lose their faith towards e-commerce if their data security is
compromised at any level.

Today,
due to its ubiquitous nature, E-Commerce sites are accessed by anyone at
anywhere. As customers increases the risk have also increased in such a way
that we have to considered security as a major concern. This paper would throw light on E-commerce security, its
purpose, different security issues and challenges and how they affect trust and
behavior of a customer in the environment of purchasing.

 

 

Keywords:
E-Commerce, Authentication, Encryption, Digital Signature, Privacy, Security

 

 

Introduction:

E-Commerce
or electronic commerce is widely considered as buying and selling the goods and
services over the network. It includes vast business area such as shopping,
banking, tickets booking, paying bills and taxes, food delivery and much other
option available.  E-commerce is subdivided into three categories: business
to business or B2B (Cisco), business to consumer or B2C (Amazon), and consumer
to consumer or C2C (eBay). E-commerce Security is a part of the Information Security
framework and is specifically applied to the components that affect e-commerce
that include Computer Security, Data security and other wider realms of the
Information Security framework. E-commerce security has its own particular nuances
and is one of the highest visible security components that affect the end user
through their daily payment interaction with business.

 

 

 

Web
e-commerce applications that handle payments such as electronic transactions
using credit cards or debit cards, online banking, PayPal or other tokens have
more compliance issues and are at increased risk from being targeted than other
websites as they suffer greater consequences if there is data loss or
alteration. Mule, Trojan horse and worms if launched against client systems,
pose the greatest threat to e-commerce privacy and security because they can
subvert most of the authorization and authentication mechanisms used in an
ecommerce transaction. Trust has always been an important element in
influencing consumer behavior toward merchants and has been shown to be of high
significance in uncertain environments such as Internet-based EC environments.
While a variety of factors such as branding and store reputation may influence
trust, one missing factor is the face-to-face communication and lack of touch
and feels which is present in physical interactions. Therefore, it has been
argued that trust would be favorably influenced by increase in perceptions of
security and privacy in EC transactions.

 

Security
in E-Commerce:

 

 

 

 

 

Security
Issues in E-commerce:

Data is transferred over the network by login or by transaction details. To
secure those data from unauthorized access, E-commerce security provides a
protection layer on e-commerce assets. Consumers hesitate by the fear of losing
their financial data and e-commerce sites frighten about their financial losses
and that results to bad impact on publicity. There are many security issues
associated with e-commerce such as critical issues, social issues and
organizational issues. An online transaction requires a customer to disclose
sensitive information to the vendor in order to make purchase, placing him at
significant risk. Transaction security is concerned with providing privacy in
transactions to the buyers and sellers and protecting the network from
breakdowns and third party attack. It basically deals with-

1.     
Issues
related with customers or Clients Security – if their data is not
secured over the network, then it is an issue to think about. Organization has
to provide security feature and take guarantee that data is secured by them. Techniques
and practices that protect user privacy and integrity of the computing system.

2.     
Issue
related with Server Security – to protect web server, software and
associated hardware from break-ins, vandalism from attacks. If there is an
error in that software which implements security and by any reason it is not
providing that security so it is the second case which also takes seriously.

3.     
Issue
related with Transactions Security – to provide guarantee
protection against eavesdropping and intentional message modification such ad
tapping, intercepting and diverting the intended data.

A. Security threats

The various types of security threats exist in e-commerce.

1.     
Malicious
Code – it is harmful code that harms the computer system and makes it useless
after attack. It includes virus, worms, Trojan horse etc.

2.     
Phishing
and identity theft – it is a type of attack in which user data such as login
credentials and credit and debit card numbers steal by the attacker by
providing an email, instant message. By clicking in this malicious link and
providing his/her details then, their data hack easily by the intruder.

3.     
Unauthorized
access- it includes illegal access to data or systems for some malicious
purpose. Two types of attack are included for unauthorized access, one is
passive unauthorized access, in which the hacker keeps his eye only on the data
that is over the network and further used it for their own illegal ambitions. However,
in active unauthorized access the hacker modifies the data with the intention
to manipulate it. Home computer, point-of-sale and handheld devices can easily
get affected by this attack.

4.     
Denial
of service- hackers flood a website with useless traffic to target a computer
or a network and to stop them working properly. It may occur by spamming and
virus. Spamming is an unusual email bombing on the targeted device by the
hacker. By sending thousands of email one after the other, the system is
affected by this attack.

5.     
Theft
and fraud- fraud occurs when the stolen data is used or modified for illegal
action. Hackers break into insecure merchant web servers to harvest archives of
credit card numbers generally stored along with personal information when a
consumer makes an online purchase. The merchant back-end and database is also
susceptible for theft from third party fulfillment centers and other processing
agents.

B. Defensive measures against security threats

The defensive measures used in transactions security are:

1.     
Encryption

2.     
Secure
Socket Layer

3.     
Secure
hypertext transfer protocol

4.     
Digital
Signature

5.     
Digital
Certificate

Challenges:

Conclusion:

References:

 

 

x

Hi!
I'm Joan!

Would you like to get a custom essay? How about receiving a customized one?

Check it out