Professional Documents
Culture Documents
9 ISSN: 1837-7823
Abstract
When we are studied out the E-Commerce services, we can easily find out the security this sector is how much essential. In the field of E-Commerce most of the security issues are arising from the side of user attention. And they become growingly admired on internet and web environment. In this paper we have find out the survey of Risk Assessment in the field of E-Commerce. The information exchange on the network is very important for E-Commerce and this is always a key factor that affects the security of E-Commerce.Many risk assessment tactics are existing, that specialized in different kinds of risk or different areas of concern.Risk assessment is the most important face in the field of E-Commerce, and most of the risk factors and its possibilities in E-Commerce are evaluated by methods of engineering services and terminologies. Basically there are some kinds of risk analysis methods are available for the e-commerce security which measure and calculate the ecommerce security risk. Hence the study of the risk analysis methods and the management strategies are provided an available security skeleton. And this paper present risk analysis measurement and move toward for e-commerce. This paper also adapts the security faces in commercial services. Keywords: e-commerce; security analysis; CIM model; Fuzzy logic, FI model.
1. Introduction
With the continuously changes in on line business development of the e-commerce field the great changes of management circumstance are arising, which involves the traditional risk management confronted with defiances, the ecommerce risk supervision becomes an important issue of theory and practice. The e-commerce security is increasing as well as the on-line business is extended. For creating the safe and convenient e-commerce application environment, the security of information has become the attention of e-commerce.[1] Appropriate to energetic growth of internet technology, e-commerce is becomes the marvelous expansion which based on the network and multimedia technology. The e- commerce is also a public network, such as internet, the online transactions is performed by open computer network, which is fast and effective for the variety of business process. [7] In risk assessment, the most important factor is to decide what a hazard in the workplace is. If the risk is finding to be major enough, protection should be put into place so that the risk is minimized with altogether.[5] Fundamentally the Risk analysis is mainly performed by using risk matrix method the method based on CIM and FI models. E-commerce is faced with various risks. It is important that, you recognize the risks facing your e-commerce system, and the probable crash of any security event. Various kinds of risks are involved in the materialization of e commerce, but also bring new risks in the area of financial services. Lots of standardized norms and experiences are observed by other countries. On the other hand, the research and practice of e-commerce risk management are relatively toward the back, hence making a inclusive security risk assessment for modern days commercial requirements [5].
International Journal of Computational Intelligence and Information Security, November 2012 Vol. 3, No. 9 ISSN: 1837-7823
HIGHER
HIGH
MEDIUM
LOW
LOWER
LOSS DEGREE HIGHER HIGH MEDIUM LOW LOWER 10,10 8,10 6,10 4,10 2,10 10,8 8,8 6,8 4,8 2,8 10,6 8,6 6,6 4,6 2,6 10,4 8,4 6,4 4,4 2,4 10,2 8,2 6,2 4,2 2,2
International Journal of Computational Intelligence and Information Security, November 2012 Vol. 3, No. 9 ISSN: 1837-7823 have a membership worth of not solely zero or one that's, the degree of truth of an announcement will vary between zero and 1and isn't forced to the 2 truth values of classic formal logic.[1] Fuzzy logic comes out as a significance of the 1965 proposal of fuzzy set theory by Lotfi Zadeh. Though fuzzy logic has been concerned with too many fields, from control theory to artificial intelligence, It still remains contentious among most statisticians, who prefer Bayesian logic, and some prevention engineers, who prefer conventional two-valued logic.[5]
3.2.2.CIM Model
CIM model (control interval and memory model) is a kind of risk analysis model put forward by American scholars coopor and chapman. There are serial response model and the parallel reaction model, which were correspondingly the serial or parallel some of variable probability distribution. If an event has n risk factors and the occurrence of each factor will separately control the event, then the probability distribution model with n risk factors is called parallel response model.[1]
International Journal of Computational Intelligence and Information Security, November 2012 Vol. 3, No. 9 ISSN: 1837-7823 The step of structure FIM as following: Universe of discourse A is split into Z subsets in step with some attribute, recording as following:
where the Ai = {ai1, ai2, ai3, .., aif } i = 1,2, ., z; f is factor number in Ai. (1) Going single level FIM for every Ai assuming evaluation set B = { b1, b2, b3, ., bm }, set of factors weighing of Ai as follows: Xi = (x1, x2, x3, ., xif)
Evaluation matrices of single issue of Ai is Ri; analysis model of single issue is Xi American state = Bi (i = one, 2, 3, ..f) (2) Regarding each Ai as an element, Bi is regarded one issue to evaluate: during this approach a membership matrices is obtained as following:
Ai in concert a part of A reflects its one attribute. in step with their importance consideration set are often given as following: X = (x1, x2, x3, .xf) : then second level FIM are often obtained as following: XR = B. frequently, 3 levels or structure model are often obtained. [5]
International Journal of Computational Intelligence and Information Security, November 2012 Vol. 3, No. 9 ISSN: 1837-7823
Clint Banks China Merchant Bank Industrial and Commercial Bank of China Agriculture Bank of China China Construction Bank Bank of China Transportation Bank of China
Account Information Security Active Controls General Controls General Controls General Controls General Controls General Controls
Cipher Information Security Active Controls Security Active Controls General Controls Soft keyboard General Controls Soft keyboard General Controls Security Active Controls
Yes
Yes
No Yes
Data analysis shows that the client-side security protection for online banking dose needs improvement. Most banks use single secret message security setting system is defenseless to virus attacks. one in all the necessary characteristic of on-line banking is that it offers safe and customized client service anytime, anyplace and anyhow. Without noise security safety will cause online banking transaction fail. User-side protection is weakest part of online banking service suppliers [8]. The application of encryption to provide validation and isolation of online operation, cryptography offer the beginning for achieving access control, transaction permission, data reliability and liability.[8]
International Journal of Computational Intelligence and Information Security, November 2012 Vol. 3, No. 9 ISSN: 1837-7823
International Journal of Computational Intelligence and Information Security, November 2012 Vol. 3, No. 9 ISSN: 1837-7823
6. Conclusion
The security of e-commerce in commercial sectors becomes an important issue. Risk of E-commerce should be expansively implicit, and the necessary measures are taken to minimize the caused damage and prevent unnecessary loss. In this paper we have study of various e-commerce risk investigation and security dimension such as risk matrix, control interval and memory model and fuzzy iteration model. And we have analyse some security problems such as correctness of matrix values, also analyse some serious computational complexities in security dimension. Hance we are proposed a new technique for risk investigation of E-commerce.
Acknowledgement
The Success of this research work would have been uncertain without the help and guidance of a dedicated group of people in our institute NITTTR Bhopal. We would like to express our true and sincere acknowledgements as the appreciation for their contributions, encouragement and support. The researchers also wish to express gratitude and warmest appreciation to people, who, in any way have contributed and inspired the researchers.
References:[1] Li Bo, Xu Congwei, (2009) E-commerce Security Risk Analysis and Management Strategies of Commercial Bank, international forum on information technology and applications., IEEE computer society. [2] Yao Youli, Liu Jie, Jia Quan,Risk Assessment Model for E-commerce Security based on FCE proceeding of the 2009 international symposium on web information system and applications (WISA09). [3] Limin, Fei Yaoping A layered network evaluation method [j]. Microcomputer developing. 2003,13(6):pp106108(chinese) [4] Hua Liming, Wang Hua. Multilevel fuzzy evaluation method for network security [j]. Liaoning Engineering Technology University Journal.2004,23(4):510-513.(chinese) [5] Rizwan Beg,R.K.Pateriya,S.C.Shrivastava Risk Assessment for E-commerce Security based on Fuzzy Iteration Model [j]. International journal of computational Intelligence and Information security, july 2010. [6] Li Bo, Xu Congwei, E-commerce Security Risk Analysis and Management Strategies of Commercial Bank, international forum on information technology and applications.2009, IEEE computer society. [7] Yuanqiao Wen, Chunhui Zhou, Juan Ma, Kezhong Liu, Research on E-Commerce Security Issues, international seminar on business and information management,2008, ieee computer society. [8] Lu Tao, Lei Xue, Study on Security Framework in E-Commerce, 2007 ieee. [9] Wang Liping, Study of the Electronic Business Security Risk Management in E-Commerces, journal of Zhongnam university of electronic and law, 2007,(1) pp,75-78. [10] Luis Navarrow, Information Security Risk and Managed Security Service, information security technical report, 2001, 6(3) pp. 28-36. [11] Nie Jin, Lei Xue. Chiness Online Banking Security Analysis. The fifth wuhan international conference on ebusiness. Volume I, 2006, pp. 662-665. [12] Zhao Yiyao, Wang Shiping. Security evalution model for E-commerce based on PRA [j]. Computer Engineering and Design.2008 29(17): 4420-4422.(chinese)
10