International Journal of Advances in Scientific Research and Engineering-IJASRE

Designing A New Framework for Securing Electronic Commerce Systems at Design Phase: With A Special Reference to an Emerging Economy

Article Category: Computer science engineering

DOI: 10.31695/IJASRE.2019.33501

Pages: 92-106

Author: Andeh Chioma P R,Amujo Oluyemi E,Aliyu Omeiza,M.B. Hammawa

Abstract: In an emerging economy like Nigeria, internet-based businesses are growing at an exponential rate but this growth is highly threatened by many instances of fraud and e-systems’ compromise. While a lot of research work has been done on how to secure e-commerce transaction protocols, improve cryptographic schemes and amend the technical and business issues in e-commerce, the area of mitigating security challenges by incorporating security modules at design time has not been thoroughly explored. Hence, in this paper we present a framework for e-commerce security with a focus on four security design countermeasures models; Authentication, Authorization, enforcement of Access Control and Protection of Transaction privacy. The proposed framework which enhances National Institutes for Standards and Technology (NIST) security model, ensures that adequate security measures are incorporated in an e-commerce system at design time. The framework also ensures designing of secured e-commerce systems which are devoid of the expensive cost implication of system development life cycle incurred by security defects in the system testing phase which traces back to design shortfalls. For the purpose of this research work, we evaluate features called Malicious Attack Enablers (MAE) which aid malicious attack to thrive. The proposed framework will, therefore, aim at securing e-systems against these MAEs while satisfying legitimate user requirements. We assert the competence of our proposed framework by incorporating our security models into a SET enabled existing e-commerce system design, which will illustrate the effectiveness of our framework at the design phase as opposed to waiting till the testing phase. So we show that our new framework will unscramble the design of cost-effective e-commerce systems with curbed security vulnerabilities while contributing to the improvement of e-commerce security standards. 

Keyword: Authorization, Authentication, Attacks, E-Commerce. Security

This work is licensed under a Creative Commons Attribution 4.0 (International) Licence. (CC BY-NC 4.0)
Copyright © 2018 IJASRE All Rights Reserved

Hit Web Stats