6 Web site Security Requirements
6.1 Security of web site used for money transactions
In order to conduct commerce on the Internet it is important
that a system of security be devised so that the users of the site can
be sure that the information that they are transmitting over the Internet
will only be read by the site they are communicating with. Various forms
of security have been devised and the use of encryption is the most common
way to protect the information of a transaction. In order to make the user
aware that they are sending information over the Internet that is not secure,
many of the web browsers today give the user a warning message when they
fill out a form and submit it to a web site. This tells the user that the
web site is not using a secure transaction method and that anyone intercepting
the information could read it. Some of the following methods are used to
secure transactions.
6.1.1 Applying new SET standards and other security to a site.
SET (Secure Electronic Transactions) is a joint standard [52] that was
created so that Visa/MasterCard transactions could be securely done over
the Internet. Currently there are various different methods of securing
transactions on the Internet. A good article on the "virtual plastic" can
be found in PC Magazine ONLINE [53].
The standard has been released to application developers to start writing
applications and soon commercial software will be available to use the
SET standard. The standard uses a digital certificate that is issued to
the user that identifies the bank that issued the credit card. This helps
to secure the card because only the owner of the card should have the authentication
key.
6.2 Protecting site from outside attack.
Security on a web site is an issue that should not be taken lightly. The
Internet is made up of millions of computers all linked together and
capable of connecting to each other. Your web site must be protected from
outside attack, as there are people on the Internet who wish to attack
your environment.
6.3 Protection of server and backup media from intruder.
There are several ways to protect your web site from attack from the
outside world. One way is to have a separate machine for the web server
that is independent of the machine containing the web pages. A proxy
server can be used to service the requests from the network to the web
server. This will prevent an intruder from connecting to the site. Backup
tapes should be kept at a site remote from the server to prevent them from
being destroyed.
Edited Last: December 12, 1997
URL: http://www.cs.indiana.edu/~adippel/WebSiteSecurity.htm
Send your comments and questions to
email: adippel@cs.indiana.edu