Posted by: Shofiur Rahman
Posted on: June 13, 2012 4:41 pm
Disclosure of secret data:
In ecommerce website confidential information provided by a customer, such as his password, contact details and credit card details. To reduce the risk of exposure, you need to limit the methods by which information can be accessed and introduce user authentication with the system.
Passing or demolition of data:
It can be more costly for you to lose data than to have it exposed. If you spent months build up your site, gather user data and orders, how much would it cost you, in time, reputation, and pounds to lose all that information? If you have no backups of any of your data, you need to rewrite the website in a hurry and start from scratch. So you need to integrate ‘backup system’ with your ecommerce website.
Mutation of data:
Although the loss of data could be damaging, mutation could be worse. To protect mutation of data you need to look at some points such as file permission, data encryptions and digital signature etc.
Denial of service:
One of the most difficult threats to guard against is denial of service. These attacks are so difficult to guard against is that there are a huge number of ways of carrying them out. Methods include installing a program on a target machine that uses most of the systems processor time, reverse spamming, etc.
Inaccuracy in software:
Errors in software can lead to all sorts of unpredictable behavior including service unavailability, security breaches, financial losses and poor customer service. Common causes of errors that you can look for include poor specifications, faulty assumptions made by developers and inadequate testing.
The final risk we will consider is repudiation. Repudiation occurs when a party involved in a transaction denies having taken part.