Reliability of E-commerce System
4.2 Reliability of E-commerce System
The reliability of e-commerce system is the foundation of e-commerce security, referring to the safe operation of e-commerce system free of malicious attacks. If
a system cannot work properly without any attack from outside, e-commerce security is not worthy of being mentioned. The security problem and reliability problem of the system itself can be divided into several categories.
(1) Data loss caused by absence of backup system. After the traditional commercial transaction is digitalized, information has become the most valuable asset of the enterprise. Any loss of data means the loss of asset. Thus data backup is the first step to do to ensure e-commerce security.
Introduction to E-commerce
(2) Attack caused by virus. Nowadays virus is on the rise and brings more and more harms. The virus could be transmitted through the disks, or via the Internet. Although the virus is not aimed at a particular enterprise or information system, it might cause unstable operation of the system, or great reduction of the system performance, which will also cause great loss to the enterprise.
(3) Error operations. Error operations may be caused by operators who are unfamiliar with the information system; the most harmful operation is the deletion of important data without possibility of restoring it. This kind of mistake causes losses that are similar to that by failure of data backup.
(4) Hardware failure, network or software failure. The hardware and software used in the system cannot be 100% reliable, system failure caused by hardware or software failure can also affect the normal operation of the enterprise.
(5) System breakage caused by accidents. Accidents such as power failure, fire, lightning and earthquakes might cause the system failure.
(6) Insufficient security configuration and system management. These also can cause many problems in the operation of the system, such as improper authorization, which may cause collision within the system and inconsistency of database.
(7) Fundamental security problems of the communication protocols. The communication protocols being used now do not take security issues into consideration, and direct use of the protocols to transmit the confidential information is not secure even though there is no malicious attack.
(8) Other problems. There are some other problems such as application software based on WWW and FTP, and imperfect service programs.
To solve such problems and ensure the security of the network itself, we need to implement corresponding solutions to enforce the security in response to particular problems existing on the network. The following measures can be taken:
(1) Enhance the data backup and recovery by using data storage technologies such as RAID5.
(2) Install anti-virus software to enhance the integral anti-virus mechanism in the intranet.
(3) Enhance the training of the network operators to reduce the errors; control the use and modification of the important data by means of access control and strict authorization mechanism.
(4) Regularly scan on the network to find out possible security loopholes and make timely modification.
(5) Redundancy technology and backup technology are to be used to enhance the system reliability.
(6) Enhance the security of the host by well setting configuration and installing timely patches to reduce loopholes.
(7) Establish necessary physical or logical isolation for sensitive equipments and data.
Apart from technologies listed above, the decisive element of e-commerce security is the human, or the management. There is no security without security
4 Security Technologies in E-commerce
supervisor and security guidelines. For the sake of security, efforts should be made to formulate security strategies and provide the training program for the staff. Multiple measures such as technological, managerial, legal, and economic means should be used to ensure the security of e-commerce systems.