Security & Privacy for E-Business

by Anup K. Ghosh


An in-depth look at the pressing issues involved in protecting an e-business from external threats while safeguarding customer privacy.

With billions of dollars at stake in e-commerce, companies are becoming much more concerned about security and privacy issues. Hackers have made headlines by breaking into Web sites that aggregate sensitive information about all of us, which has caused growing public concern about personal and financial privacy. Some online businesses are inadvertently "sharing" data with others when they interoperate systems. This book examines the external threats to a company's system and explains how to react if your system and business goals diverge. It also presents a nuts-and-bolts guide to enhancing security and safeguarding gateways. Readers will find an extensive reference section for the many tools, standards, and watchdog agencies that aid in the security/privacy effort.

Editorial Reviews

From the Publisher
"there's plenty of food for thought" (M2 Communications, 16 May 2001)
This book, which Ghosh (author and consultant) suggests will provide a useful companion to his 1998 reference, covers the security and privacy issues of e-business. E-business itself is defined, with several case studies as examples, and expansion of the concept to include embedded Internet devices as enablers. The technology of e-business and its attendant risks are described, with subsequent chapters devoted to software risk management strategies, a lengthy description of how to build a secure e-business, client-side risks, the risks of mobile and malicious code, risks to mobile e-commerce, and the privacy risks of the online world. Annotation c. Book News, Inc., Portland, OR

Product Details

Product dimensions: 7.45(w) x 9.21(h) x 0.58(d)

Read an Excerpt

Chapter 1: E-Commerce in the Twenty-First Century

Electronic commerce, or simply e-commerce, has overwhelmed so much of today's business news that we often forget the humble beginnings of what is now a multibillion dollar industry. E-commerce hit the popular lexicon when businesses began using the Internet for commercial purposes. Prior to e-commerce, universities and research laboratories used the Internet largely for communicating and exchanging documents. Previous initiatives in e-commerce were largely over proprietary networks using Electronic Data Interchange (EDI) formats for automating order processing. These networks, though, were expensive and often dedicated to one particular service. As a result, e-commerce over proprietary networks was limited to closed communities of large businesses that could afford the up-front costs of being a player. The Internet changed this model drastically. Business could perform the same types of EDI transactions over the Internet, and much, much more. With pervasive Internet service, the entry costs are significantly cheaper than EDI, while at the same time, Internet service provides a much larger field of business partners. To sweeten the pot considerably, consider that the general public has largely become Internet savvy at home and work. The benefits that accrue with widespread adoption are non-linear, like a snowball effect. That is, each additional Internet node provides a disproportionately high return of value. Like the fax machine, having a single Internet node is more or less useless. The more widespread the adoption, the greater the utility will be to everyone. In economic terms, each new Internet node creates positive network externalities. Or, in other words, the act of creating one additional Internet node creates positive side effects: everyone else on the Internet can now reach that new node.
This type of positive externality, long known to economists when studying telephone networks, has an even more magnified effect than traditional phone networks because of the sheer bandwidth and range of services that can be offered through that one additional Internet node, when compared to the same bandwidth and services offered over traditional telephone service.

Another significant change has been in the thinking of what e-commerce is. Since the Internet started replacing EDI and proprietary value-added network (VAN) systems, "e-commerce" became the term for describing transaction-based commerce over the Internet. The industry grew quickly to encompass the broad range of activities that support business over the Internet. The term "e-tailing" is now being used to describe the purchasing and selling of goods and services over the Internet, while "e-business" is sometimes used to describe the myriad activities involved with doing business on the Internet. E-commerce encompasses both these terms and describes the whole range of Internet-based activities that support businesses, transaction-based commerce, research, information brokering, and business communications.

Although it is true that the Internet changed e-commerce from what it was to what it now is, it is also true that e-commerce changed the Internet. One truly remarkable effect that the commercial sector has had on the Internet is the phenomenal rate of adoption it has spurred. As an indication of the kind of phenomenon Internet rate adoption is, consider that it took radio 38 years, the television 13 years, and the Internet merely 5 years to achieve 50 million subscribers. The high rate of adoption has created the business-to-consumer (B2C) market. It is the B2C marketing phenomena that has received the most hype, if not generated the most sales. In fact, business-to-business (B2B) e-commerce outpaces B2C e-commerce by a rate of 5:1 in terms of sheer dollar values, if not in numbers of transactions, and this trend is expected to continue in the near term. Over the long term, it is certainly possible that the B2C economy may eventually outpace B2B sales, but that model remains to be borne out...

What People are saying about this

From the Publisher
Advance Praise for Security and Privacy for E-Business

"This book is essential reading for everyone interested in jumping on the e-business bandwagon without getting run over in the process." —Peter G. Neumann, Principal Scientist, Computer Science Lab, SRI International; Moderator of the ACM Risks Forum; Author of Computer-Related Risks

"Makes a difficult topic very approachable for IT managers and decision makers who want to secure their systems, but do not want to get doctorates in cryptography." —Ravi Ganesan, CEO, SingleSignon.Net

"A helpful and interesting book for both the computer novice and the experienced Internet executive in the new Internet policy world. This book is also for anyone who needs to understand that designing secure and private e-commerce systems is an ongoing, continual exercise in mitigating potential vulnerabilities, particularly in today's ever-increasingly mobile wired world." —Tatiana Gau, AOL Integrity Assurance, America Online, Inc.

"Anup Ghosh distills the essential features of good security and privacy and vividly demonstrates just how infrequent they are on the Internet. Lending a needed historical perspective to a topic that now attracts Web site headlines, Ghosh's important new book speaks to both technical experts and neophytes who want to protect themselves on the Web. In a funny and non-paranoid way, he walks us through several recent hacker attacks and encourages all of us in our technology-savvy society to take security and privacy more seriously." —Drew Clark, Senior Writer, National Journal's Technology Daily

"The global e-business wave continues to spark passionate debate about important personal and consumer-rights issues, such as Internet security and individual privacy. As organizations and individuals become increasingly connected through various networks in the coming decades, clearly the need for more intelligent safeguards—at both the organizational as well as consumer levels—has never been more apparent. Security and Privacy for E-Business offers its audience a front-row seat allowing a view into the realities and dangers that exist in today's universal electronic marketplace." —Richard Dean, Internet Security Professional

Meet the Author

ANUP K. GHOSH, PhD, is a world-renowned expert in electronic commerce security. He is Director of Security Research at Cigital, Inc. and the author of the first definitive guide to e-commerce security, E-Commerce Security: Weak Links, Best Defenses (Wiley). A consultant to Global 1000 companies, Ghosh is a frequent speaker and contributor to popular trade publications, has been interviewed on Internet credit card fraud on CNBC Business News, and is the recipient of an IEEE Third Millennium Medal for Outstanding Contributions to E-Commerce Security. Ghosh currently lives in Fairfax, Virginia, with his wife Nita and son Jay.
