Question

List & give an example of ‘real world’ security breaches that actually happened and still happening as they relate to each of the six dimensions of e-commerce security- (one for each dimension) table 5.3

Integrity

Nonrepudiation

Authenticity

Confidentiality

Privacy

Availability

Answer 1

The most common security breach for the ecommerce website is concerned on six dimensions of e-commerce security

1.Integrity
2.Nonrepudiation
3.Authenticity
4.Confidentiality
5.Privacy
6.Availability

1.Integrity
prevention against unauthorized data modification

Example: The most common threat will be “would any unauthorized person will intercept and redirect payment into a different account” since ecommerce sites prefer online transfer mostly.

2.Nonrepudiation
prevention against any one party from reneging on an agreement after the fact

Example: When a merchant doesn’t have enough proof of customers who have ordered with them during a credit card payment transaction, it will not be processed further to the merchant.

3.Authenticity
authentication of data source.

Example: Some users can use a fake email address to access any of the ecommerce services.

4.Confidentiality
protection against unauthorized data disclosure.

Example: Ecommerce uses a user name and password to login to their account. Let’s consider this case for resetting the password, where an ecommerce site sends a one-time password to their customer in email or phone number if someone else reads it.

5. Privacy
provision of data control and disclosure.

Example: If a hacker breaks into the ecommerce site, they can gain access to the customer credit card details or any other customer information. This also violates information confidentiality and personal privacy.

6.Availability
prevention against data delays or removal.

Example: An ecommerce website can be flooded with useless traffic that causes to shut down your site, making impossible for the user to access the site.