
E-commerce capabilities assessment: -security of e-payment systems- case of the democratic republic of congo

by Espérant Ngongo Mbuli
University of Wales - Master in Advanced Information Technology and Business Management 2013
  


II.7.2.1 Overview of the framework for security and control of Information system

For the security of information technology, the protection of information resources is defined through a set of security and control standards published as a norm by the International Standards Organization (ISO) and the International Electrotechnical Commission (IEC), grouped in a joint committee, under the norm ISO/IEC 17799, which is the reference code of practice for the security of information systems (Kenneth C. Laudon and Jane P. Laudon, 2006 and Anthony Tarantino, 2008).

The definition of the international security management system (ISMS) standard under the reference ISO/IEC 27001:2005 (called ISO 27001), in replacement of the British Standard Institute code of conduct in IS security «BS 77799-2:2002», inaugurates the new era of information security management (Anthony Tarantino, 2008, p169).

ISO 27001, titled «Information technology - security techniques - information security management systems - requirements», is not a technical specification but a management system, and is the first of the international security standards defined by ISO in the ISO 27000 number series (A. Tarantino, op. cit., p172).

ISO/IEC 17799:2005 (ISO 17799), later named ISO 27002, was developed under the title «Information technology - security techniques - code of practice for information security management» as a set of guidelines for the implementation of the ISO 27001 security standards.

According to ISO 27002, there are three fundamental attributes of an information asset (data representing a value for an organization): confidentiality, availability and integrity, which can be impacted by risks from a wide range of threats: fraud or criminal activity, system failure, user errors, etc. (A. Tarantino, 2008, p174).

For this research, the concept of information security is the one provided by ISO 27002: «information is characterized within ISO 17799» (ISO 27002) «as the preservation of:

• Confidentiality - Ensuring that information is accessible only to those authorized to have access to it,

• Integrity - Safeguarding the accuracy and completeness of information and processing methods,

• Availability - Ensuring that authorized users have access to information and associated assets when required» (IT Governance Institute, 2006).

II.7.2.2 Security of online e-commerce transaction

The greatest worry of e-commerce users is that their personal information, especially credit card numbers and bank account details, can be stolen while carrying out an online transaction or from the server of the company running the online business.

According to Timothy P. Layton (2007, p100), ISO 27001 controls about e-commerce include fraud, insurance, confidentiality, and authorization to data access, while the control related to online transactions concerns «the security and protection of data and information involved in network transactions».
