On the Internet there is no 100% security. However, risks exist for companies that only have a physical presence. The biggest difficulty for companies operating in the e-commerce is to convince customers to trust electronic transactions. The risks posed to unsuspecting consumers mainly concern data security, validity information, theft of personal and banking data.
In order for a firm to successfully operate in the area of electronic commerce, we need to create a safe environment for both the consumer and the entrepreneur. Some important e-commerce systems security requirements are:
➢ Authenticity: The authenticity check is a process which aims to verify the correctness of the claim of a user that owns a specific identity so as to exclude cases Digital impersonation. Control of the user performed prior to initiating any transaction and implemented using different technologies.
➢ Authorization: The delegation includes controlling access to specific information and services when the user’s identity has been verified. It concerns namely the assignment of rights by the owner to the user. This assignment defines the rights and limitations of transacting sides and enables you to access or and use of sensitive data. The delegation consists of access control mechanisms, network resources and access rights.
➢ Assurance: The trust that a requirement is achieved.
➢ Confidentiality: This is a concept closely related to privacy and secrecy. Confidentiality is the most common safety requirement combined with the identification of the person for the majority of commercial transactions and ensures that the information exchanged will not be disclosed to unauthorized parties.
➢ Integrity: This concerns the possibility of amendments (additions, deletions and changes) information. Integrity ensures that data will not be altered during the transfer or if altered, will be perceived by the transacting parties to undertake the actions envisaged.
➢ Availability: Refers to immediate access to information, services and more generally to all resources of the system when needed, without undue delay.
➢ Non disclaimer (Non repudiation): Under this condition, none of the parties in the transaction must not be able to deny his participation in a transaction.