ISSN: 2168-9695
Advances in Robotics & Automation

How to Set Security Policy for Electronic Commerce Services?

YAU Hon Keung*

Department of Systems Engineering and Engineering Management, City University of Hong Kong, Kowloon Tong, Kowloon, Hong Kong

*Corresponding Author:
YAU Hon Keung
Department of Systems Engineering and Engineering Management
City University of Hong Kong, Kowloon Tong, Kowloon, Hong Kong
Tel: 852-3442-6158
E-mail: [email protected]

Received December 03, 2013; Accepted December 05, 2013; Published December 07, 2013

Citation: Hon Keung YAU (2013) How to Set Security Policy for Electronic Commerce Services? Adv Robot Autom 2:e115. doi:10.4172/2168-9695.1000e115

Copyright: © 2013 Hon Keung YAU. This is an open-access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.



Data leakage has been one of the most important concerns for many big companies, since it can bring enormous loss to the company. In this information technology era, data security has become an essential and useful yet difficult task, since technology is evolving every day, or even every minute. Electronic commerce is popular all over the world; however, people face a lot of security problems when they perform transactions through a web site. Calder [1] mentioned that the standard (ISO/IEC 27001:2005) can enable organizations throughout the world to ensure that they are applying information security best practice in their organizations.

Security Policy for Electronic Commerce Services

This section covers the secure use of electronic commerce services and information available in publicly accessible systems. The following are included:

1. Electronic Commerce and Web Servers

2. On-line Transactions

3. Publicly Available Information.

Electronic commerce and web servers

Objective: To protect the companies’ electronic commerce when using public networks.

Justification: Electronic commerce needs to be protected as it is vulnerable to a number of network threats that could result in fraudulent activity, contract dispute, and disclosure or modification of information.

Guidelines: The following need to be considered:

1. The identity of the other party must be authenticated through an authentication mechanism such as public keys, digital signatures, digital certificates or even trusted third parties

2. Only authorized users (members) may place orders, set prices or sign trading contracts

3. Confidentiality, integrity, proof of dispatch, order transactions, payment information, delivery address details, confirmation of receipts and contracts should be determined and maintained

4. Liability associated with any fraudulent transactions must be addressed

5. Use the most appropriate settlement form of payment to guard against fraud

6. Payment information supplied by a customer must be verified

7. Avoid loss or duplication of transaction information

8. Address these considerations through cryptographic controls, taking into account compliance with legal requirements

9. For electronic commerce arrangements with trading partners, a documented agreement including details of authorization and agreed terms of trading should be made.

On-line transactions

Objective: To protect the companies’ information used in on-line transactions.

Justification: To protect the company and customers from incomplete transmission, misrouting, unauthorized message alteration, unauthorized disclosure, unauthorized message duplication or replay. On-line transactions include contractual and financial transactions, amongst others.

Guidelines: The following measures must be considered for online transactions. The level of risk associated should be considered:

1. Use electronic signatures by both parties involved in the transaction.

2. Ensure that user credentials of all parties are valid and verified

3. Ensure that the transaction remains confidential

4. Ensure that privacy associated with all parties involved is retained

5. The communications paths must be encrypted and the protocols used must be secured; transaction details must be stored in a non-publicly accessible environment and must not be directly accessible via the internet.

6. Where a trusted authority for the purposes of issuing and maintaining digital signatures and/or digital certificates is used, security must be integrated and embedded throughout the entire end-to-end certificate/signature management process.

7. Ensure that transactions comply with laws, rules, and regulations

Publicly available information

Objective: To protect the integrity of information made available on publicly available systems

Justification: Information on a publicly available system could be subject to unauthorized modification or deletion if not properly protected. This could damage the company’s reputation.


1. Exploitable vulnerabilities should be identified and fixed by conducting a penetration test before publishing information

2. Formal approval process must be made before publishing information

3. All data obtained from outside sources should be verified and approved.

4. Feedback and information entered directly into systems should be carefully controlled so that it complies with the law, rules, and regulations and is accurate in a timely manner

5. Sensitive information will be properly protected at all stages

6. Only authorized users can have access to the system

