Web Commerce Security
eBook - ePub

Design and Development

About this book

A top-level security guru for both eBay and PayPal and a best-selling information systems security author show how to design and develop secure Web commerce systems.

Whether it's online banking or ordering merchandise using your cell phone, the world of online commerce requires a high degree of security to protect you during transactions. This book not only explores all critical security issues associated with both e-commerce and mobile commerce (m-commerce), it is also a technical manual for how to create a secure system. Covering all the technical bases, this book provides the detail that developers, system architects, and system integrators need to design and implement secure, user-friendly, online commerce systems.

  • Co-authored by Hadi Nahari, one of the world's most renowned experts in Web commerce security; he is currently the Principal Security, Mobile and Devices Architect at eBay, focusing on the architecture and implementation of eBay and PayPal mobile
  • Co-authored by Dr. Ronald Krutz, information system security lecturer and co-author of the best-selling Wiley CISSP Prep Guide Series
  • Shows how to architect and implement user-friendly security for e-commerce and, especially, mobile commerce
  • Covers the fundamentals of designing infrastructures with high availability, large transactional capacity, and scalability
  • Includes topics such as understanding payment technologies, how to identify weak security, and how to augment it

Get the essential information you need on Web commerce security—as well as actual design techniques—in this expert guide.


Information

Publisher: Wiley
Year: 2011
Print ISBN: 9780470624463
eBook ISBN: 9781118098912

Part I
Overview of Commerce

In This Part
  • Chapter 1: Internet Era: E-Commerce
  • Chapter 2: Mobile Commerce
  • Chapter 3: The Important “-ilities”

Chapter 1
Internet Era: E-Commerce

This chapter does not intend to bore you with history and old-age content. Quite the contrary; we want to fast forward to new-age technology and e-commerce core concepts. However, it is essential to understand the basic yet prominent building blocks of the field of commerce before we dig into the new era. To grasp e-commerce, you need to understand the following concepts:
  • Commerce
  • Payment
  • Distributed computing
Commerce and payment both have a much longer history than distributed computing, but that’s the beauty of e-commerce; it is where the old world meets the new world! We are going to discuss how payment worked in the old days, and then describe how it operates now.

Evolution of Commerce

The Merriam Webster dictionary defines commerce this way:
  1. social intercourse: interchange of ideas, opinions, or sentiments
  2. the exchanges or buying and selling of commodities on a large scale involving transportation from place to place
With the recent popularity of digital social networking, the first definition of commerce is gaining more relevance; however, it is the second meaning that is our primary focus in this book. We would also like to add the term “services” to “ideas” and “opinions” in the preceding definition so that the term becomes more relevant for our purposes.
Not only is commerce a fundamentally social phenomenon, it is also a very human-specific act. At its core, commerce is a kaleidoscopic collision of humans’ unique ability to identify the need to optimize productivity, conserve energy, increase the chance of survival, exercise social abilities, and ultimately embark upon the act of exchange with other humans. Commerce is so deeply intertwined in our social fabric, and is such an integral part of our day-to-day life, it would be very hard to imagine civilization without it. By engaging in commerce, we express another facet of our intelligent and social behaviors. In other words, commerce is not just another simple human activity; it is a rather complex and sophisticated process that requires a great deal of knowledge, care, and attention to implement properly.
The oldest form of commerce is the barter system, which typically follows a direct-exchange mechanism where goods or services are directly exchanged for other goods or services. Barter is a direct system; a person offers goods or services to another person in exchange for goods or services that he needs. In its most basic form, the barter system suffers from poor scalability. That is, one has to physically carry the merchandise (in the case of goods), or be present personally (in the case of services) to interested parties, one by one, to be able to exchange for what he needs. Consequently, and to address this limitation, the marketplace was created — a place where merchants and customers show up during certain times and participate in exchanging goods and services. The marketplace is a social construct; that is, one needs to exercise communication, negotiation, and evaluation skills, among others, to successfully participate. The social facets of the marketplace are important here because they’re also aspects of e-commerce. Examples include establishing trust, providing value for a purchase, facilitating delivery of goods or services, and many more.

Hard vs. Digital Goods

Before we proceed further with the foundations of commerce, it is important to note the differences between hard goods and digital goods. Early on, people identified value in two categories: tangible products and intangible products. As the name implies, tangible goods deal with the area of commerce that has to do with physical merchandise and products such as commodities, vehicles, devices, and so on. Intangible goods, on the other hand, include products that are not physical entities, such as insurance policies and refund guarantees for payments, and usually have more to do with services and promises of actions. The concept of tangible vs. intangible goods is not specific to e-commerce; it has existed for almost as long as commerce has. Unlike most humans, computers work with binary values, zeros and ones, and digital entities. With the introduction of e-commerce, we have had to create yet another dichotomy to delineate what can be transported in computer-understandable format and what cannot. This is where the distinction between digital and hard goods is made. Computer-transportable products are referred to as digital goods, and all other products are hard goods (perhaps they are still resistant to becoming digitized).
Now we can have our very own definition of e-commerce as transporting any part of commercial tasks into the digital world so that computers can handle them. Seen from this perspective, then, it doesn’t matter whether you are dealing with tangible products and hard goods online or going to brick-and-mortar stores, or whether you need to make a payment on your computer or walk into a banking branch. For example, it was not too long ago that if you wanted to have an album of your favorite rock star, you had to go to a store and buy the album in the vinyl or cassette formats. These were analog formats. Then with the advent of compact discs (CD) the music became digitized. The next step was for the Internet infrastructure to become more ubiquitous and offer higher bandwidths, and also for the computers to have proper programs to receive and play music tracks right on a user’s personal computer. Once those requirements were satisfied, then the entire music delivery and consumption started to go online: hard goods gone digital. TV programs and other multimedia contents are following suit. In some parts of the world, you no longer need to buy a separate device (television) to watch your favorite programs; you can do all that on your personal computer.
The point is, the line between traditional and e-commerce is solid in some parts (for example you will always go to a dealer to purchase a car), but there are other parts of this line that are still blurred; you may at some point in the future have a hardware device on your personal computer that generates programmable odors in a digital form, so you won’t need to buy perfumes anymore! The recent improvements in three-dimensional (3D) printing technologies, where you can actually print out 3D objects might be seen as a step in this direction. All that said, the objective of e-commerce is to take what was once part of tangible commerce and re-envision it for the digital world.

Payment

Payment is one of the cornerstones of any commercial activity, including e-commerce. At the end of a successful commercial exchange the buyer wants to receive his goods and the merchant her money. As humans engaged in commercial activities throughout history, the need to find creative ways to scale and expand it became apparent. Introduction of money into commerce was a major leap toward making commerce scalable and to enable it to expand across the world. In this section, we discuss the foundation of payment, its main component (money), and the mechanics of money movement in modern systems.

Money

Early barter systems did not include a notion of money as it was a more advanced economic (and of course, social) construct that came in later. Money was invented to further facilitate commercial exchange. With the advent of money, humans were able to separate the notion of value from goods, represent it in an abstract form, and use it as an intermediary medium for commerce. Earliest forms of money were themselves material of intrinsic value (usually noble metals such as gold and silver), but the concept of it as an intermediary applies whether or not the medium has value itself. Money enables portability of value, scalability of exchange, and more novel governance and manipulation of value such as saving, investment, and other forms of economic growth. The scientific definition of money and its role in modern economy, in commerce, and in our social fabric are beyond the scope of this book, but suffice it to say that without money, civilization as we know it would most like...

Table of contents

  1. Cover
  2. Table of Contents
  3. Title
  4. Copyright
  5. Dedication
  6. About the Authors
  7. About the Technical Editor
  8. Credits
  9. Acknowledgments
  10. Foreword by John Donahoe
  11. Foreword by Scott Thompson
  12. Introduction
  13. Part I: Overview of Commerce
  14. Part II: E-Commerce Security
  15. Appendix A: Computing Fundamentals
  16. Appendix B: Standardization and Regulatory Bodies
  17. Appendix C: Glossary of Terms
  18. Appendix D: Bibliography
  19. Index
  20. End User License Agreement
