Global ETD Search

11	Internet payment system--: mechanism, applications & experimentation. January 2000 (has links) Ka-Lung Chong. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2000. / Includes bibliographical references (leaves 80-83). / Abstracts in English and Chinese. / Abstract --- p.i / Acknowledgments --- p.iii / Chapter 1 --- Introduction & Motivation --- p.1 / Chapter 1.1 --- Introduction --- p.1 / Chapter 1.2 --- Internet Commerce --- p.3 / Chapter 1.3 --- Motivation --- p.6 / Chapter 1.4 --- Related Work --- p.7 / Chapter 1.4.1 --- Cryptographic Techniques --- p.7 / Chapter 1.4.2 --- Internet Payment Systems --- p.9 / Chapter 1.5 --- Contribution --- p.16 / Chapter 1.6 --- Outline of the Thesis --- p.17 / Chapter 2 --- A New Payment Model --- p.19 / Chapter 2.1 --- Model Description --- p.19 / Chapter 2.2 --- Characteristics of Our Model --- p.22 / Chapter 2.3 --- Model Architecture --- p.24 / Chapter 2.4 --- Comparison --- p.30 / Chapter 2.5 --- System Implementation --- p.30 / Chapter 2.5.1 --- Acquirer Interface --- p.31 / Chapter 2.5.2 --- Issuer Interface --- p.32 / Chapter 2.5.3 --- Merchant Interface --- p.32 / Chapter 2.5.4 --- Payment Gateway Interface --- p.33 / Chapter 2.5.5 --- Payment Cancellation Interface --- p.33 / Chapter 3 --- A E-Commerce Application - TravelNet --- p.35 / Chapter 3.1 --- System Architecture --- p.35 / Chapter 3.2 --- System Features --- p.38 / Chapter 3.3 --- System Snapshots --- p.39 / Chapter 4 --- Simulation --- p.44 / Chapter 4.1 --- Objective --- p.44 / Chapter 4.2 --- Simulation Flow --- p.45 / Chapter 4.3 --- Assumptions --- p.49 / Chapter 4.4 --- Simulation of Payment Systems --- p.50 / Chapter 5 --- Discussion of Security Concerns --- p.54 / Chapter 5.1 --- Threats to Internet Payment --- p.54 / Chapter 5.1.1 --- Eavesdropping --- p.55 / Chapter 5.1.2 --- Masquerading --- p.55 / Chapter 5.1.3 --- Message Tampering --- p.56 / Chapter 5.1.4 --- Replaying --- p.56 / Chapter 5.2 --- Aspects of A Secure Internet Payment System --- p.57 / Chapter 5.2.1 --- Authentication --- p.57 / Chapter 5.2.2 --- Confidentiality --- p.57 / Chapter 5.2.3 --- Integrity --- p.58 / Chapter 5.2.4 --- Non-Repudiation --- p.58 / Chapter 5.3 --- Our System Security --- p.58 / Chapter 5.4 --- TravelNet Application Security --- p.61 / Chapter 6 --- Discussion of Performance Evaluation --- p.64 / Chapter 6.1 --- Performance Concerns --- p.64 / Chapter 6.2 --- Experiments Conducted --- p.65 / Chapter 6.2.1 --- Description --- p.65 / Chapter 6.2.2 --- Analysis on the Results --- p.65 / Chapter 6.3 --- Simulation Analysis --- p.69 / Chapter 7 --- Conclusion & Future Work --- p.72 / Chapter A --- Experiment Specification --- p.74 / Chapter A.1 --- Configuration --- p.74 / Chapter A.2 --- Experiment Results --- p.74 / Chapter B --- Simulation Specification --- p.77 / Chapter B.1 --- Parameter Listing --- p.77 / Chapter B.2 --- Simulation Results --- p.77 / Bibliography --- p.80 Electronic commerce--Security measures Electronic funds transfers Internet--Security measures World Wide Web--Security measures Computer security
12	Economic issues in distributed computing Huang, Yun, 1973- 28 August 2008 (has links) On the Internet, one of the essential characteristics of electronic commerce is the integration of large-scale computer networks and business practices. Commercial servers are connected through open and complex communication technologies, and online consumers access the services with virtually unpredictable behavior. Both of them as well as the e-Commerce infrastructure are vulnerable to cyber attacks. Among the various network security problems, the Distributed Denial-of-Service (DDoS) attack is a unique example to illustrate the risk of commercial network applications. Using a massive junk traffic, literally anyone on the Internet can launch a DDoS attack to flood and shutdown an eCommerce website. Cooperative technological solutions for Distributed Denial-of-Service (DDoS) attacks are already available, yet organizations in the best position to implement them lack incentive to do so, and the victims of DDoS attacks cannot find effective methods to motivate the organizations. Chapter 1 discusses two components of the technological solutions to DDoS attacks: cooperative filtering and cooperative traffic smoothing by caching, and then analyzes the broken incentive chain in each of these technological solutions. As a remedy, I propose usage-based pricing and Capacity Provision Networks, which enable victims to disseminate enough incentive along attack paths to stimulate cooperation against DDoS attacks. Chapter 2 addresses possible Distributed Denial-of-Service (DDoS) attacks toward the wireless Internet including the Wireless Extended Internet, the Wireless Portal Network, and the Wireless Ad Hoc network. I propose a conceptual model for defending against DDoS attacks on the wireless Internet, which incorporates both cooperative technological solutions and economic incentive mechanisms built on usage-based fees. Cost-effectiveness is also addressed through an illustrative implementation scheme using Policy Based Networking (PBN). By investigating both technological and economic difficulties in defense of DDoS attacks which have plagued the wired Internet, our aim here is to foster further development of wireless Internet infrastructure as a more secure and efficient platform for mobile commerce. To avoid centralized resources and performance bottlenecks, online peer-to-peer communities and online social network have become increasingly popular. In particular, the recent boost of online peer-to-peer communities has led to exponential growth in sharing of user-contributed content which has brought profound changes to business and economic practices. Understanding the dynamics and sustainability of such peer-to-peer communities has important implications for business managers. In Chapter 3, I explore the structure of online sharing communities from a dynamic process perspective. I build an evolutionary game model to capture the dynamics of online peer-to-peer communities. Using online music sharing data collected from one of the IRC Channels for over five years, I empirically investigate the model which underlies the dynamics of the music sharing community. Our empirical results show strong support for the evolutionary process of the community. I find that the two major parties in the community, namely sharers and downloaders, are influencing each other in their dynamics of evolvement in the community. These dynamics reveal the mechanism through which peer-to-peer communities sustain and thrive in a constant changing environment. / text Electronic commerce--Security measures Computer networks--Security measures Online social networks
13	A model to enhance the perceived trustworthiness of Eastern Cape essential oil producers selling through electronic marketplaces Gcora, Nozibele January 2016 (has links) Eastern Cape Province farmers in the natural essential oils industry are yet to fully realise the use of electronic commerce (e-commerce) platforms, such as electronic marketplaces (e-marketplaces) for business purposes. This is due to the issues that include lack of awareness, poor product quality, untrusted payment gateways and unsuccessful delivery that are associated with e-marketplaces. As a result, farmers do not trust e-marketplaces and therefore hesitate to engage in e-marketplaces for business purposes. This is further complicated by natural essential oils buyers‟ tendency of preferring face-to-face interaction with a supplier rather than online interaction as they need quality assurance. As such, this research proposes a model to enhance the perceived trustworthiness of natural essential oil producers in the Eastern Cape Province selling through e-marketplaces. The model constitutes the factors that could be considered in assisting essential oil producers to create a perception of trustworthiness to buyers in e-marketplaces. These factors were evaluated amongst five organisations involved in the production, retail or processing of essential oils using a multiple-case study methodology. The study‟s use of multiple-case study was applied within the interpretivist paradigm and five cases were considered. Interviews, document analysis and observations were used for data collection. Data analysis was done using within-case analysis followed by cross-case analysis to establish factors of trust. The essential oil producers based in the Gauteng, Kwazulu-Natal and Western Cape provinces were cases that had been successfully using e-marketplaces for a notable period of time. Accordingly, factors that contributed to the successful use of e-marketplaces informed the proposed model of this research. The model proposes that perceived trustworthiness of enterprises in e-marketplaces can be achieved through following the uncertainty reduction stages (Entry, Personal and Exit) and applying uncertainty reduction strategies (passive, active and interactive). Essences and essential oils -- Marketing
14	A framework for secure human computer interaction. Johnston, James 02 June 2008 (has links) This research is concerned with the development of a framework for the analysis and design of interfaces found in a security environment. An example of such an interface is a firewall. The purpose of this research is to use the framework as a method to improve the usability of an interface, thus aiding the user to implement the correct security features. The purpose is also to use the framework to assist in the development of trust between a user and a computer system. In this research the framework comprises six criteria which are used to analyse interfaces found in the traditional software environment, Internet banking environment and e-commerce environment. In order to develop the framework an overview of the fields of information security and human computer interfaces (HCI) is given. The overview provides background information and also establishes the existing research which has been done in these fields. Due to its popularity, the Windows Internet Connection Firewall is analysed in this research. Based on the criteria a level of trust fostered between the user and interface is calculated for the firewall. It is then shown how this level of trust can be improved by modifying the interface. A proposed interface for the firewall is presented according to the criteria. Interfaces found in the online Internet environment are discussed. This is important in order to identify the similarities and differences between traditional software interfaces and web interfaces. Due to these differences the criteria are modified to be relevant in the analysis and design of security interfaces found on the Internet. Three South African online banking websites are analysed according to the modified framework. Each interface is broken down into a number of components which are then analysed individually. The results of the analysis are compared between the three banking sites to identify the elements which make up a successful interface in an online banking environment. Lastly, three interfaces of e-commerce websites are analysed. Recommendations are made on how the interfaces can be improved, thus leading to a higher level of trust. / Labuschagne, L., Prof. electronic commerce security measures web sites security measures internet banking security measures firewalls (computer security) Microsoft Windows (computer file) computer security human- computer interaction
15	Towards a model for ensuring optimal interoperability between the security systems of trading partners in a business-to-business e-commerce context Pather, Maree 25 August 2009 (has links) A vast range of controls/countermeasures exists for implementing security on information systems connected to the Internet. For the practitioner attempting to implement an integrated solution between trading partners operating across the Internet, this has serious implications in respect of interoperability between the security systems of the trading partners. The problem is exacerbated by the range of specification options within each control. This research is an attempt to find a set of relevant controls and specifications towards a framework for ensuring optimal interoperability between trading partners in this context. Since a policy-based, layered approach is advocated, which allows each trading partner to address localized risks independently, no exhaustive risk analysis is attempted. The focus is on infrastructure that is simultaneously optimally secure and provides optimal interoperability. It should also be scalable, allowing for additional security controls to be added whenever deemed necessary. / Computing / M. Sc. (Information Systems) Security Business-to-business e-commerce (B2B) Extranet Interoperability Trading partner 005.71 Computer networks -- Security measures Electronic commerce -- Security measures Electronic data interchange
16	The consumer-perceived risk associated with the intention to purchase online Ward, Shannon-Jane 12 1900 (has links) Thesis (MComm (Business Management))--Stellenbosch University, 2008. / The market share of online purchasing is under two percent of total retail spending, which provides an indication that consumers have been slow to adopt online purchasing. Previous research has shown that consumers perceive risks associated with purchasing online and these perceptions are likely to affect purchase intention. Little research, however, has been done on perceived risk relating specifically to online purchasing, and in particular, risk related to branded and non-branded retailer websites. Research has shown that brand knowledge has a direct effect on a consumer’s intention to purchase from an online retailer and that this relationship between brand knowledge and intent to purchase online is mediated by perceived risk. The purpose of this exploratory study was therefore to investigate the consumer-perceived risks associated with the intention to purchase online. The research problem considered the question whether the perceived risks (financial, performance, physical, time, social and psychological risks) associated with a branded website (Kalahari.net) are different from the perceived risks associated with a non-branded website (Books.com). It was found that four types of perceived risk exist namely, performance, time, social, and personal risk. Of these risks, only performance risk had an influence on a consumer’s purchase intention from a non-branded website whereas performance and personal risk influenced a consumer’s intention to purchase from a branded website. It was also revealed that consumers perceive performance, time, and social risk as not statistically different when purchasing from a non-branded or a branded website. However, personal risk was perceived to be statistically differently for the two websites. In addition, the brand image dimension of brand knowledge had an influence on a consumer’s purchase intention from both the branded and non-branded websites. The brand awareness dimension of brand knowledge did not influence purchase intention at all. For all four risk types on both the branded and nonbranded websites (except social risk on Books.com), at least one and in some cases, both dimensions of brand knowledge influenced the degree of perceived risk associated with purchasing on the particular website. Finally, it was concluded that the more information search a consumer does before purchase of a book on a branded or non-branded website, the higher their perceived risk associated with purchasing from the particular website. A number of recommendations were made. Methods for decreasing the amount of performance risk which consumers perceive when purchasing a book online were firstly suggested. It was further recommended that Kalahari.net investigate the dimensions of their brand such as brand image, brand awareness, and brand trust, to identify the reasons why consumers perceive performance, social and time risk as being not statistically different when purchasing on a branded and a non-branded website. Since consumers did not see a difference between the brand image of the branded and the non-branded websites, it was recommended that the branded website make every effort to investigate their current branding strategy to identify the reasons consumers view the branded website in the same manner as the non-branded website. Furthermore, since both dimensions of brand knowledge influenced the degree of perceived risk associated with purchasing on the particular website to a certain extent, it was recommended that online retailers focus on building familiarity, positive thoughts, feelings, associations, and beliefs concerning the online retailer brand. Finally, it was recommended that the influence of information search online on perceived risk associated with purchasing be further investigated; because this study found that an action that was traditionally initiated as a means for decreasing perceived risk can now be attributed to increased consumer-perceived risk associated with online shopping. Online purchasing Risk perception Internet shopping Internet safety Dissertations -- Business management Theses -- Business management Consumer confidence Consumer behavior Consumers -- Attitudes Dissertations -- Industrial management Theses -- Industrial management
17	The status of information security in South Africa Warricker, Anina M. 03 1900 (has links) Thesis (MPhil)--Stellenbosch University, 2005. / ENGLISH ABSTRACT: The business and social environments are increasingly reliant on the information network, and the quality and integrity of the information to effectively conduct transactions, and "survive" in the new economy. These information networks facilitate communication and transactions between customers, suppliers, partners, and employees. Emerging technologies further encourage the extension of network boundaries beyond the branch office, to private homes, airports, and even the comer coffee shop, e.g. wireless internet access. Although technology advances contribute to significant increases in productivity, convenience, and competitive advantage, it also increases the risk of attacks on the integrity and confidentiality of any information interaction. One of the key questions is how to achieve the right level of information network security and implement effective protection systems, without impacting productivity by excessively restricting the flow of information. The issue of information security is not a localised problem, but a problem on global scale, and South African businesses are no less at risk than any other geographically located business. The risk of information security is even greater if aspects like globalisation are taken into account, and the growing inter-connectedness of the global business environment. The central question is: How does the South African business environment view information security, their perceived success in implementing information security measures, and their view of future trends in information security. Ingenue- Consulting is a global business focusing on technology consulting services, across a wide range of industries and technologies. Information security has been identified by Ingenue Consulting to be a global problem, and primary research into this business issue have been undertaken in different locations globally, e.g. Australia and South African executive level survey of what the perception and importance are of information security, of business leaders across public and private industries. Ingenue Consulting has an in-house research facility, and tasked them with conducting a survey in South Africa. The survey results can then be compared with global trends, and applied in the business environment, to highlight the impact of information security risks, and to help businesses to change and improve their information security processes and technologies. The research department started out doing an extensive literature study to identify global and local trends in information security, and to assist in the compilation of the survey questionnaire. A sample group of "blue chip" businesses across all industries was targeted at executive level to conduct a research survey - fifty interviews were conducted. The raw data was collated and analysed to formulate an opinion of the information security practices and perceptions of the business environment in South Africa. The survey confirmed that the South African market risks in terms of information security are very similar to global trends. Some of the key trends are: Information security agreements are normally signed at the onset of employment, but rarely updated or highlighted to ensure continued support and implementation. This is almost contradictory to the fact that information security are taken seriously by the executive level, and often discussed at board level. The mobility of information with the emergence of wireless networks is a key issue for most businesses - as information security is at its most vulnerable. Most of the respondents rated themselves ahead of the curve and their competitors - overestimation of competencies, could lead to larger future risks. The sensitive nature of information security industry makes benchmarking against local or global players difficult due to the sensitive nature -limited willingness to participate in a consultative forum. Companies that outsouree IT tend to "wash their hands off' security issues as the responsibility of the outsourcing vendor. Most local businesses haven't got a worldly view - they do not have an active process to find out what their peers are doing locally or globally, they rely mostly on vendor and consulting advice, or media coverage. / AFRIKAANSE OPSOMMING: Die besigheids en sosiale omgewings is toenemend afhanklik van die inligtings netwerke, en die kwaliteit en integriteit van inligting om transaksies effektief uit te voer, en om te "oorleef" in die nuwe ekonomie. Inligtings netwerke fasiliteer kommunikasie en transaksies tussen kliente, verskaffers, vennote, en werknemers. Nuwe tegnologiee verder veskuif netwerk grense, wyer as die tak-kantoor, na private huise, lughawens, of die koffie kafee - deur middel van draadlose internet toegang. Alhoewel tegnologie ontwikkelings bydra tot verbeterde produktiwiteit, en gemak van gebruik - dra dit ook by tot groter gevaar van aanvalle op die integriteit en konfidensialiteit van enige inligtings transaksie. Een van die sleutel vrae is hoe om die regte vlak van inligting netwerk sekuriteit te bereik, en om die regte beskermings metodes te implementeer - sonder om die produtiwiteit te inhibeer. Die inligting sekuritets vraagstuk is nie bloot 'n lokale vraagstuk nie, maar van globale skaal, en Suid-Afrikaanse besighede is nie minder in gevaar as enige ander besigheid in 'n ander lande nie, veral nie as aspekte soos globaliseering in ag geneem word nie. Die sentrale vraag is: Hoe sien die Suid-Afrikaanse besigheids wereld inligtings sekuriteit, en die waargenome sukses met die implementering van inligtings sekuriteit prosesse, en ook hoe hul die toekoms sien van inligtings sekuriteit. Ingenue* Consulting is 'n wereldwye besigheid, gefokus op tegnologie konsultasie dienste, oor 'n wye reeks industriee en tegnologiee. Inligting sekuriteit is deur Ingenue Consulting ge-identifiseer as 'n globale probleem, en primere navorsing in die area is al onderneem in verskillende geografiee, soos Australie en die Verenigde Koninkryk. Die Suid-Afrikaanse tak van Ingenue het vroeg in 2004 besluit om 'n lokale studie te doen oor top bestuur se persepsies van inligting sekuriteits risikos, in beide die publieke en privaat besigheids wereld. Die interne navorsings afdeling van Ingenue Consulting in Suid-Afrika is gevra om die nodige studie te ondeneem, om dit dan met globale studies te vergelyk, en te kan bepaal waar gapings mag wees, en hoe om die gapings aan te spreek. Die navorsings afdeling het begin deur 'n ekstensiewe literatuur studie te doen, as hulp tot die samestelling van die vrae-lys. 'n Teiken groep van top Suid-Afrikaanse besighede, verteenwoordigend van alle industriee is genader om 'n onderhoud toe te staan om die vrae-lys te voltooi - vyftig onderhoude was voltooi. Die rou data is gekollekteer en geanaliseer, om 'n opinie te formuleer oor die inligtings sekuriteit persepsies en praktyke van die besigheids omgewing in Suid-Afrika. Die navorsing het bevestig dat die Suid-Afrikaanse mark baie dieselfde is as ander geografiese markte - in terme van inligting sekuriteit. Van die sleutel konklusies is: Inligting sekuriteit ooreenkomste word meestal geteken met die aanvangs van diens, maar bitter selde dan weer opgevolg of hernu - dit is byna kontradikterend dat top bestuur ook baie besorg is oor inligting sekuriteit, en dat dit dikwels by raads vergaderings bespreek word. Die mobiliteit van inligting is 'n groeiende bekommernis, omrede inligting dan nog meer op risiko is. Meeste respondente sien hulself as beter of meer gevorderd as hul kompeteerders - 'n oor-estimasie van sukses in inligtings sekuriteit kan lei tot groter probleme in die toekoms. Die sensitiewe natuur van inligting sekuriteit maak ope vergelyking van gedetaileerde prosesse moeilik - en meeste besighede is nie bereid om deel te neem aan algemene gesprekke nie. Terwyl besighede wat hul tegnologie afdeling deur 'n derde party bestuur, neem geen verantwoordelikheid vir hul inligtings sekuriteit nie. 'n Groter bekommernis is dat besighede in Suid-Afrika nie 'n aktiewe proses het om op hoogte bly van wat die beste opsies is in inligtings sekuriteit nie, of wat hul teenstanders doen nie - maar vertrou op die advies van verkoops en konsultasie maatskappye, of media berigte. Ingenue Consulting Dissertations -- Information science Theses -- Information science
18	Towards a model for ensuring optimal interoperability between the security systems of trading partners in a business-to-business e-commerce context Pather, Maree 25 August 2009 (has links) A vast range of controls/countermeasures exists for implementing security on information systems connected to the Internet. For the practitioner attempting to implement an integrated solution between trading partners operating across the Internet, this has serious implications in respect of interoperability between the security systems of the trading partners. The problem is exacerbated by the range of specification options within each control. This research is an attempt to find a set of relevant controls and specifications towards a framework for ensuring optimal interoperability between trading partners in this context. Since a policy-based, layered approach is advocated, which allows each trading partner to address localized risks independently, no exhaustive risk analysis is attempted. The focus is on infrastructure that is simultaneously optimally secure and provides optimal interoperability. It should also be scalable, allowing for additional security controls to be added whenever deemed necessary. / Computing / M. Sc. (Information Systems) Security Business-to-business e-commerce (B2B) Extranet Interoperability Trading partner 005.71 Computer networks -- Security measures Electronic commerce -- Security measures Electronic data interchange
19	A secure mobile agent e-commerce protocol Yu, Min-Chieh 09 December 2015 (has links) Indiana University-Purdue University Indianapolis (IUPUI) / There are many advantages of mobile agent such as delegation of tasks, asynchronous processing, adaptable service in interfaces, and code shipping. Mobile agents can be utilized in many areas such as electronic commerce, information retrieval, network management, etc. The main problem with mobile agents is security. The three basic security design goals of a system are confidentiality, integrity, and availability. The goal of this thesis concerns the property of secure purchasing by mobile agents. First present Jalal's anonymous authentication protocol. Next, we construct our single mobile agent protocol based on Jalal's authentication technique. Also, we add some addition cryptography techniques to make the data more secure during its migration. Lastly, we build a multiple mobile agent protocol based on the single mobile agent protocol. Here, the multiple mobile agents are capable to make the decision and purchase the item for user. Mobile Agent E-commerce Electronic commerce -- Purchasing Mobile commerce -- Cryptography Computer security -- Research
20	Internet-based electronic payment systems Kortekaas, Birgit Friederike 01 January 2002 (has links) As today, the traditional payment systems of cash, cheques and credit cards are being supplemented by electronic cheques, electronic credit card-based systems, and token-based systems, online security is of utmost importance and one of the biggest criteria used for evaluating electronic payment systems. Electronic payment systems must guarantee the essential security requirements: confidentiality, privacy, integrity, availability. authentication, non-repudiation as well as anonymity and trust. This paper compares the various payment systems (both traditional and electronic) available today mainly according to their security aspects. Secure processing can be accomplished including access controls and detection techniques, such as, encrypted communication channels, user and/or message authentication, symmetric and asymmetric encryption, digital certificates and firewalls. These effective security measures, which are outlined in detail in this paper, will protect the information and payment systems against security risks that currently threaten the Internet / Computing / M.Sc. (Information Systems) Internet Electronic commerce Electronic payment systems Authentication Confidentiality Identification Integrity Privacy Security Cryptography Certificates Encryption Digital signatures Anonymity Threats Electronic cash Electronic cheque Smart cards Electronic credit cards 658.478 Internet -- Economic aspects Internet -- Security measures Payment Electronic commerce -- Security measures Computer networks -- Security measures Data encryption (Computer science) Smart cards

Search results