Sara Malmström; Kristoffer Bengtsson , pp. 40. Inst. för Programvaruteknik och Datavetenskap/Dept. of Software Engineering and Computer Science, 2001.
This candidate thesis is discussing the topic of electronic commerce security on the Internet. A quick overview of e-commerce on the Internet as well as some potential threats to e-commerce is discussed to provide background for the need for security. Three main topics related to e-commerce security are discussed: ? Secure transfer of sensitive information, including encryption and technologies like SSL, S-HTTP. ? Identification of parties in e-commerce transactions, such as digital certificates and different kinds of password authentication. ? Methods for payment over the Internet, discussing stored-account payment systems and stored value payment systems. A case study at Interpilot AB in Karlshamn was conducted. From this case study we came to the conclusion that a number of factors determine the security needs of a specific e-commerce company. The needs can be determined by performing a feasibility study in combination with an analysis of the realistic threats to the e-commerce service in question. These factors determine the viable security solutions, by balancing the needs of the target group, structure of the company and economical factors with the necessary level of security.