Free Essay

Security Issues and Solutions in E-Commerce Applications

In: Computers and Technology

Submitted By maz4060
Words 2158
Pages 9
Security Issues and Solutions in Ecommerce Applications

The rise in popularity of conducting business online via ecommerce sites has not gone unnoticed by hackers and other cyber-criminals. A rise in the number of transactions and an increase in businesses that have an online presence have provided hackers with increased opportunities to exploit security vulnerabilities in ecommerce applications for personal profit, at the expense of legitimate businesses and users. A successful attack can result in downtime, the theft of user financial and personal information, loss of revenue, and loss of customers. This paper will offer an overview of some common types of security vulnerabilities and attacks on ecommerce platforms as well as some common tactics to prevent such attacks. Additional suggestions for maximizing information security on an application level as well as within an origination will be made with the goal emphasizing the prevention of attacks.

There are numerous tactics that exploiters use to gain access to user personal and financial information on ecommerce sites. One common attack is SQL injection, which is a tactic where a hacker inserts SQL query data into user input fields on a web site, with the goal of that query being executed by the database. With the strategic placement of apostrophes, dashes and semi-colons, the hacker can execute queries that bring a web site down, provide access to customer financial and other personal information, and even manipulate data on the site. There have been a number of high-profile SQL injection attacks that have resulted in the theft of user information. The web sites of both Guess and PetCo were both the victims of a successful SQL injection attack by a 20 year old programmer who was able to steal user credit card information. Other online retailers that have fallen victim to SQL injection attacks resulting in the theft of user and credit card information include OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 and DSW.

There are a number of things that can be done to reduce a web site’s vulnerability to SQL injection. These tactics include using stored procedures for database access, filtering and escaping input data, limit database user permissions and access, and encrypting data. By using stored procedures, SQL can be eliminated entirely and “by encapsulating the rules for a certain action - query, update, delete, etc. - into a single procedure, it can be tested and documented on a standalone basis and business rules enforced.” By filtering and escaping user input for any malicious code input, those statements can’t be executed as separate queries by the database in an injection attempt. In limiting database user permissions and access, the developer must limit the tables each web site’s database user has access to on the web server. Additionally, the web site’s database user should also never have server administrative privileges to minimize the amount of damage that can be done in an SQL injection. Finally, encrypting all user information in the database will add an additional layer of information protection, as hackers won’t have access to raw user data if an SQL injection attack is successful.

Another common attack on ecommerce sites is the Denial of Service (DoS) attack. A DoS attack is “an attack in which a large number of requests for service or access to a site bombard a system, which causes it to crash or become unable to respond in time.” Hackers are able to bring sites down by flooding the target server with packets, overloading bandwidth and memory, thus preventing legitimate users from being able to access the site. This can affect the ecommerce site itself, but common targets also include credit card payment gateways and bank sites, which can affect the flow of ecommerce transactions. There are a number of variations of DoS attacks, with the most popular being the amplification of attacks through the use of zombie machines, dubbed the Distributed Denial of Service attack.

While DoS attacks do not usually result in the theft of user information such as in the case of SQL injection, they have the ability to bring entire sites down. Hackers have varying motives which can range from making a political statement, mischief, or even to drive traffic to a competing ecommerce site. This can result in significant loss of revenue and a tarnished reputation for sites that do a significant amount of transactions online. Many large online retailers have been the victim of DoS attacks, notably the sites of Amazon, Paypal, Visa, and Mastercard in one high-profile attack in 2010 that resulted in downtime for several hours.

There is no way to completely prevent DoS attacks, as no technique or commercial product can completely guarantee that a single user connection is legitimate rather than a bot that intends to flood the system. However, there are a number of things that can be done to mitigate vulnerability to DoS attacks. These include monitoring for attacks, restricting the bandwidth that can be used by the infringing IP addresses, maximizing the bandwidth available to the web server, limiting the rate of new traffic from one host, and limiting the rate of ICMP traffic. Additionally, using commercial Intrusion Detection Systems such as Symantec’s Intruder Alert, Tripwire Security Tripwire, and McAfee’s Entercept Desktop and Server Agents can further mitigate an ecommerce site’s vulnerability to DoS attacks.

A security exploit that is unique to the shopping carts and payment gateways of ecommerce sites is that of data manipulation, more specifically price manipulation in which “the total payable price of the purchased goods is stored in a hidden HTML field of a dynamically generated web page. An attacker can use a web application proxy such as Achilles to simply modify the amount that is payable when this information flows from the user’s browser to the web server.” Using this technique, an attacker can change the hidden price field value through a proxy and successfully submit the form. For example, a hacker can change the price of a $500.00 product to $50.00 and have the transaction go through successfully. If a business has a high amount on online transactions, the price change and purchase can often go unnoticed.

There are a number of things that can be done to prevent a data manipulation attack. The developer should avoid using hidden fields whenever possible, especially on values that should not change such as price. Additionally, if hidden fields are ever used, efforts should be made to encrypt the value stored in the field as well as the field name, as the hacker will have more difficulty figure out which fields to modify. Additionally, the input values submitted in a transaction should always be verified to ensure accuracy and prevent fraud such as price changing. Verification of price charged can also occur manually as orders are filled to provide another layer of authentication into the process.

Another tactic that hackers use to exploit the users of ecommerce sites is that of phishing. Phishing is the practice of using deception to manipulate users into sharing personal information including passwords, usernames, financial data, and even social security numbers. One common method of this is an attacker sending a user an email that appears to be from a legitimate ecommerce site. The email requests the user to verify account information via a fake version of the ecommerce site, duping the user into sharing personal information that the hackers can steal. Noteworthy phishing scams have affected users of Ebay, CitiBank, PayPal, and Best Buy, resulting in the theft of social security numbers, credit card information, and ATM pins.

Unfortunately there are few architectural safeguards that can be built into an ecommerce application to protect against phishing, as the theft occurs through users and a third party site rather than the legitimate ecommerce site. There are however, some things that the owners of ecommerce sites can do to reduce the threat of their users falling victim to phishing scams. If a phishing scam is detected, ecommerce site owners can file a complaint with the phishing site’s Internet Service Provider (ISPs) to take the site down. While laws regarding ISPs closing down sites due to phishing attempts vary by country, the successful removal of a phishing site can prevent users from being able to provide personal information. Ecommerce sites should also educate users to verify that the URL in the browser window is the URL of the legitimate site before giving away any personal information. One more technical approach to reduce vulnerability to a phishing attack is to use two-factor authentication on login forms, such as a picture and phrase in addition to the username and password. The absence of the extra authenticating image and phrase on an illegitimate site requesting user information can serve as a red flag to users that the version of the ecommerce site they are visiting is not authentic.

While a number of common exploitations of ecommerce sites and possible solutions to reduce vulnerability to such attacks have been discussed, there are also additional measures that can be taken to secure ecommerce applications, thus improving information security.

One important safeguard for securing payments on ecommerce sites is that of using Public Key Infrastructure (PKI) via a third party SSL certificate authority. Using a reputable SSL certificate authority such as Verisign, Thwate, or Geotrust authenticates the identities of both the merchant and seller, providing for encrypted transfer of sensitive information.

Additionally, the network that an ecommerce site runs on should be further secured by using one or multiple firewalls. One common implementation is to secure the public web server that hosts an ecommerce application between two firewalls using a DMZ architecture to provide security against external attacks as well as threats from internal business networks.

Further securing ecommerce applications relies on careful planning of the ecommerce application itself as well as a business continuity plan to assess and mitigate the effects of an external attack, especially if an ecommerce web site is a mission critical component of an organization.

When developing the ecommerce application as well as configuring web and database servers, it is important to incorporate vulnerability prevention at the design stage rather than after an attack has occurred. The various components that are designed to secure the application should be tested for vulnerability throughout the software development lifecycle to identify and fix any additional risk for exploitation.

Additionally, developing a business continuity plan that includes risk and crisis management if the ecommerce platform or the company’s customers are victims of cybercrimes can be a critical component of not only securing information, but of maintaining reputation and customers in the event of an attack. By assessing possible security threats and as well as their likelihood and possible impact on the organization, the appropriate risks can be mitigated at the design level, during the development process, at the infrastructure level, and at the client level before attacks occur. A crisis management plan that dictates the plan of action and provides for the necessary infrastructure to recover from an attack will help minimize the damage caused, to both revenue and customer trust in the organization. For example, to prepare for a potential SQL injection attack that would result in theft of user data, in addition to designing the application from the onset so that it uses stored procedures for database access, ensuring that input data is filtered and escaped, limiting database access, and encrypting data as discussed earlier in this paper, there must also be a crisis management plan that prepares for the loss and theft of data in the event of a successful SQL injection attack. Setting up a failover server well in advance as well as automating backups can prevent downtime in the event of an attack, as the affected server can be taken offline to assess the damage and undergo troubleshooting. A response system to notify users that their information has been compromised as informing them of the plan of action could be set up far in advance, allowing for a quick and reassuring response to customers rather than an ill-prepared reaction that further tarnishes the company’s reputation and revenue.

As more users and businesses conduct business online via ecommerce web sites, hackers will inevitably attempt to exploit that trend by attacking vulnerable web sites and users for personal gain, at the expense of a business’s profits, customers, and reputation. There are several common attacks on ecommerce sites including SQL injection, Denial of Service attacks, phishing, and data manipulation- all of which can be mitigated using specific solutions as discussed in this paper. Information and ecommerce applications can be further secured through utilizing an SSL certificate and firewalls. Further, information security initiatives should start at the design level to prevent attacks on various vulnerabilities. Additional protection can occur through a business continuity plan that incorporates risk assessment and mitigation as well as crisis management in the event of an attack to minimize financial loss and restore customer trust.

References:

Similar Documents

Premium Essay

Directions for Web and E-Commerce Application Security

...Engineering Term Paper on Directions for Web and E-Commerce Applications Security SupervisorProf.P.M. Khilar Submitted byDinesh Shende Roll No-212CS2102 M.Tech(1st year) Directions for Web and E-Commerce Applications Security Abstract: This paper provides directions for web and e-commerce applications security. In particular, access control policies, workflow security, XML security and federated database security issues pertaining to the web and e-commerce applications are discussed. These security measures must be implemented so that they do not inhibit or dissuade the intended e-commerce operation. This paper will discuss pertinent network and computer security issues and will present some of the threats to e-commerce and customer privacy. These threats originate from both hackers as well as the e-commerce site itself. Another threat may originate at ostensibly friendly companies such as DoubleClick, MemberWorks and similar firms that collect customer information and route it to other firms. Much of this transaction information is able to be associated with a specific person making these seemingly friendly actions potential threats to consumer privacy. Many of the issues and countermeasure discussed here come from experiences derived with consulting with clients on how to maintain secure e-commerce facilities. These methods and techniques can be useful in a variety of client and server environments, also serving to alert e-commerce users of potential......

Words: 3283 - Pages: 14

Premium Essay

Logical vs Physical Topology

...Abstract E-commerce has presented a new way of doing business all over the world using internet. Organizations have changed their way of doing business from a traditional approach to embrace ecommerce processes. As individuals and businesses increase information sharing, a concern regarding the exchange of money securely and conveniently over the internet increases. Therefore, security is a necessity in an e-commerce transaction. The purpose of this paper is to present a token based Secure E-commerce Protocol. The purpose of this paper is to present a paradigm that is capable of satisfying security objectives by using token based secure Keywords: Trusted Third Party (TTP), Pretty Good Privacy (PGP), Secure Socket layer (SSL), Secure Electronic Transaction (SET). 1. INTRODUCTION E-commerce refers to a wide range of online business activities for products and services. Security is the basic need to secure information on internet. It also pertains to any form of business transaction in which the parties interact electronically rather than by physical exchanges or direct physical contact. A security objective is the contribution to security that a system or a product is intended to achieve. E-commerce has become a dynamic force, changing all kinds of business operations world-wide. E-commerce is conducted on global network i.e. Internet which is un-trusted. So confidentiality is required during transmission and it must be kept secure against all type of threats The related...

Words: 2757 - Pages: 12

Premium Essay

Mobile Commerce and Its Applicability in Egypt

...Mobile Commerce Research June 22, 2013 M-commerce and its applicability in Egypt Prepared by Mahmoud Youssef Hany Nemr Mahmoud El Sayed Research Paper Title: Mobile Commerce and its applicability in Egypt 1. Abstract 2. Introduction 3. Mobile commerce features 4. Mobile commerce opportunities 5. Mobile commerce success factors 6. Mobile commerce adoption barriers and challenges 7. Mobile commerce applications 8. Future trends in mobile commerce 9. Conclusion 10. References ABSTRACT F ast−growing ability of wireless devices to handle a wealth of data content as well as voice transmission is opening the door to the creation of new products, services, markets, and revenue streams. According to research projections, mobile commerce will cross $30 billion by end of 2016 growing at 40% compound rate at U.S. only. Globally, consumers are likely to spend $119 billion by 2015 through their mobile phones, which will account for 8% of all ecommerce activity. Mobile commerce is gaining increasing acceptance. The need for mobility is a primary driving force behind mobile banking, mobile entertainment and mobile marketing, and is supported by an ever increasing convergence of computers and mobile telecommunication devices. So this paper is a descriptive study for the overall picture of mobile commerce and its features, opportunities, success factors and challenges and its......

Words: 8870 - Pages: 36

Premium Essay

Mobile Commerce and Its Applicability in Egypt

...Mobile Commerce Research June 22, 2013 M-commerce and its applicability in Egypt Dr. Eman Arafa Prepared by Mahmoud Sayed Hany Hassan Hussein Nemr Mahmoud Mohamed El Sayed Research Paper Title: Mobile Commerce and its applicability in Egypt 1. Abstract 2. Introduction 3. Mobile commerce features 4. Mobile commerce opportunities 5. Mobile commerce success factors 6. Mobile commerce adoption barriers and challenges 7. Mobile commerce applications 8. Future trends in mobile commerce 9. Conclusion 10. References ABSTRACT F ast−growing ability of wireless devices to handle a wealth of data content as well as voice transmission is opening the door to the creation of new products, services, markets, and revenue streams. According to research projections, mobile commerce will cross $30 billion by end of 2016 growing at 40% compound rate at U.S. only. Globally, consumers are likely to spend $119 billion by 2015 through their mobile phones, which will account for 8% of all ecommerce activity. Mobile commerce is gaining increasing acceptance. The need for mobility is a primary driving force behind mobile banking, mobile entertainment and mobile marketing, and is supported by an ever increasing convergence of computers and mobile telecommunication devices. So this paper is a descriptive study for the overall picture of mobile commerce and its features, opportunities, success factors...

Words: 8938 - Pages: 36

Premium Essay

Ziggy's Suit Department Systems Analysis & Design

...Objectives: 7 Desirable Objectives: 7 Priority of Project: 7 Project Scope: 7 Terms of Reference: 8 Time/Business Deadline: 8 Assumptions: 8 Systems Analysis: 10 Data Dictionary: Data Elements 12 Data Dictionary: Data Flows 15 Data Dictionary: Process Descriptions: 18 Data Dictionary: External Entities 21 Data Dictionary: Data Store 24 List of Constraints: 25 Forms and Reports: 26 Alternative Solutions: 29 E-commerce Web Design by Triad Web Design along with IntruGuard E-commerce Network Security 29 Maintain production in-store with implemented software upgrades and hardware installations: 30 My Recommendation: 31 System Design to Include 32 Input Screens for New System 32 Website Login Screen: 32 Website Contacts Screen: 33 Ziggy’s Suit Department Screen Report: 34 BOM (Bill of Materials) 35 Software Plan: 35 Hardware Plan: 35 Testing Plan for New System: 36 Training Plan: 36 Network Diagram: 37 Implementation: 38 A) Description: 38 B) Changeover Method: 38 C) Conversion Plan: 38 D) Gantt Chart: 39 E) Maintenance Contract Plan: 39 Zachary Powe ITM 5400-System Analysis and Design Mrs. Jolly January 12, 2012 Business: Ziggy’s Suit Department sells suits, shirt and tie combinations, and dress shoes for men and women. Ziggy’s Suit Department has been in operation since May 5, 1988. Ziggy’s Suit Department has a total of 50 stores nationwide with 15 being in Charleston, SC. Ziggy’s Suit......

Words: 2049 - Pages: 9

Premium Essay

Advantages And Disadvantages Of Cybercommerce

...cybercrime especially in this new era technology. Recently, this rises up hot issue about security threat in e-commerce. Cyber-attack usually happened on online business and organizations which threaten the security of data and operations in their trademark reputation as well as their intellectual property. These actions can cause significant damage or loss in e-commerce. Security is like a strong protective wall which blocks the bad guys and launching small, well-guarded doors to provide secure. So, this will prevent unauthorized organization to leak into or attack company system. E-commerce is an online transaction between buyers and sellers through the internet via devices such as computers or mobile phone. Nowadays, hacker can easily get valuable information from innocent victims. The most common security threat is stealing information of credit card and location details. Hackers can then exploit this information to rob the victims of huge amounts of cash. In orders to reduce such incidence, these are several precautionary solutions that formerly exist. For example, when a transaction is made with a credit card, banks will call up the card holder to inform and confirm the transaction that has been made by owners. 3.0...

Words: 793 - Pages: 4

Free Essay

Rcv Docs

...Case Study | Alibaba Group “F5 Application Delivery Networking solutions enabled us to build globalized data centers that are secure, reliable, and fast.” Wang Zhilei, Operations Director, Alibaba B2B Overview Alibaba Builds a Secure, Reliable, and Fast Data Center Using F5 Application Delivery Networking Products Global e-commerce leader Alibaba Group is the largest e-commerce company in China. The company plans to expand its operations significantly, and needed to support several e-commerce sites in different parts of the world. By using F5® BIG-IP® Global Traffic Manager™ (GTM) and F5 BIG-IP® Local Traffic Manager™ (LTM), Alibaba was able to consistently provide high-quality and secure services to its 24/7 worldwide customer base. Business Challenge Founded in 1999, Alibaba Group has grown to include the core businesses described below. • Alibaba.com, the group’s flagship company and the world’s leading B2B e-commerce company, serves small and medium-size enterprises (SMEs) in China and around the world. It has more than 40 million registered users from more than 240 countries and regions. The company has offices in more than 40 cities across Greater China, as well as in Europe and the United States. • Taobao is China’s largest consumer e-commerce company. It incorporates Alimama, China’s largest online advertising exchange platform. With a registered user base of nearly 100 million, its transaction volume was RMB 99.96 billion (US $14.6 billion) in 2008, up......

Words: 1029 - Pages: 5

Premium Essay

Cemex

...Organizations: Cemex: A Digital Firm in the Making ....14 Window on Technology: UPS Competes Globally with Information Technology ....17 It Isn't Just Technology: A Business Perspective on Information Systems 18 • Dimensions of Information Systems ....20 1.3 Contemporary Approaches to Information Systems ....25 Technical Approach 26 • Behavioral Approach 26 • Approach of This Text: Sociotechnical Systems ....27 1.4 Learning to Use Information Systems: New Opportunities with Technology ....27 The Challenge of Information Systems: Key Management Issues 28 • Integrating Text with Technology: New Opportunities for Learning ....30 Make IT Your Business ....31 Summary, 31 • Key Terms, 32 • Review Questions, 32 • Discussion Questions, 33 • Application Software Exercise: Database Exercise: Adding Value to Information for Management Decision Making, 33 • Dirt Bikes USA: Preparing a Management Overview of the Company, 33 • Electronic Commerce Project: Analyzing Shipping Costs, 34 • Group Project: Analyzing a Business System, 34 • Case Study: Dollar General: Heavy on Organization, Light on Systems, ....35 Chapter 2. Information Systems in the Enterprise ....38 Opening Case: Fast Fashion, Hot Systems ....39 2.1 Major Types of Systems in Organizations ....40 Different Kinds of Systems 40 • Four Major Types of Systems 41 • Relationship of Systems to...

Words: 3823 - Pages: 16

Premium Essay

Learning-Guide

...Learning Guide INFS2233 Foundations of Electronic Commerce UQ Business School Faculty of Business, Economics and Law St. Lucia Campus Semester 1, 2009 Any student with a disability who may require alternative academic arrangements in this course is encouraged to seek advice at the commencement of the semester from a disability adviser at Student Support Services. Authors Dr Chris Manning Dr Marta Indulska Dr Dongming Xu Updated by Dr Paul O’Brien Produced by the Teaching and Educational Development Institute, The University of Queensland www.tedi.uq.edu.au Copyright materials contained herein have been reproduced under the provisions of the Copyright Act 1968, as amended, or with the permission of the copyright owner. This material may not be reproduced in any manner whatsoever except for the purposes of individual study. University Provider Number 00025B © The University of Queensland contents Contents Module 1 Introduction to electronic commerce Objectives Basic elements of electronic commerce (EC) 1 1 3 Differences between electronic commerce and traditional commerce 5 New ways of doing business with electronic commerce History of electronic commerce (EC) Planning an e-commerce project Legal, ethical and international issues Case study guidelines 6 8 10 10 11 Module 2 Business decision-making and planning for electronic commerce 17 Objectives Planning an e-commerce project Economic models Competitive advantage and electronic......

Words: 38720 - Pages: 155

Premium Essay

Web Solution

...Web-Based Solution Overview of Business & Web-Based Solution In this paper, TNV Bank selects for this paper that is the imagined banks. This bank is established in the US and providing their banking products and services in the US and others countries. TNV related to the banking industry and it generates revenues through different ways such as interest, transaction charges, services fees and provides financial advice. The main method of generate revenue is charging interest on the capital and lending activities. This bank provides different types of the financial products and services of the customers including saving account, current accounts, personal loans, home loans, foreign exchange services, credit and debit cards, online and NRI Services, cash management, treasury services, insurance and investment options. The company's strategic vision is becoming largest banks of the US in terms of numbers of customers and generates revenues through reach and connects with the more people. The main stakeholders of TNV bank are board of directors, management, employees, shareholders, customers and government. TVN banks established its offices in the all major cities of the US to distribute its financial products and services of the customers. The company operations strategy is using latest technology to provide best services of the customers at the right place with less time. American Express, Ally Financial, Regions Financial, RBS Citizen Financial Group, BMO Financial......

Words: 2392 - Pages: 10

Free Essay

Case Study

...Service Sector The service sector covers a wide range of activities from the most sophisticated information technology (IT) to simple service provided by the unorganized sector , such as the services of the barber and plumber . National accounts classification of the services sector incorporate trade, hostels and restaurants; transport, storage and communication; financing, insurance, real estate, and business services; and community, social and personal services. The service sector consists of the "soft" parts of the economy, i.e. activities where people offer their knowledge and time to improve productivity, performance, potential, and sustainability, what is termed affective labor. The basic characteristic of this sector is the production of services instead of end products. Services (also known as "intangible goods") incl7ude attention, advice, access, experience, and discussion. The service industry forms a backbone of social and economic development of a region. It is one of the major sectors in the non-good producing industries under private ownership. Approximately 55%of the economic activity of us occurs in service industries comprising of different divisions as classified by North American industry classifications system (NAICS). In World Trade Organization (WTO) and Reserve Bank of India (RBI) classifications, construction is also included. Service sector is the lifeline for the social economic growth of a country. In the day of largest and fastest growing......

Words: 23600 - Pages: 95

Premium Essay

Nternational Journal of Engineering Research & Technology

...International Journal of Engineering Research & Technology (IJERT) ISSN: 2278-0181 Vol. 1 Issue 4, June - 2012 An Efficient Authentication and Payment Method for M-Commerce Sukhjit Kaur Post Graduate,RIMT Institutes Mandi Gobindgarh (PB) –147301 Anuj Kumar Gupta Associate Professor,RIMT Institute of Engg. & Technology Mandi Gobindgarh (PB) - 147301 Abstract Technological advances in mobile phones (e.g. Smartphones) have also made it possible to carry out ecommerce via mobile phones (m-commerce). Mcommerce involves the use of mobile devices such as mobile phones and PDA’s in carrying out electronic transactions.Just like e-commerce, the security of mcommerce applications is critical, especially when it involves applications that deal with user sensitive data such as credit cards details, medical details etc. Authentication and secure payment is a major security issue when it comes to carrying out mobile financial transactions remotely.However, the security issues that arise with the growth in this field cannot be neglected. For example, how does one ensure that participants in an m-commerce transaction are who they claim to be (authentication)? Also, how does one support secure financial transactions in m-commerce businesses? Credit card fraud is identity theft in its most simple form. It can happen when your pre-approved credit card offers fall into the wrong hands. Acc to survey,The Federal Trade Commission estimates that 10 million people are victimized by credit......

Words: 1390 - Pages: 6

Premium Essay

Infrastructure and Systems Implementation Plan

...Idea To Be Explored Potentially Identified Solution | Project Type | New Project Enhancement to Existing or Former Project | Working Title of Project | Infrastructure and Systems Implementation Plan | Project Sponsors | WInt IT department, Rosanne Moran, IT Director. | ------------------------------------------------- ------------------------------------------------- Introduction Widgets International, Inc. currently consists of Widgets USA, LLC and Widgets-R-Us, LTD. Combined Widgets International, Inc. has 50 years of experience in providing function critical assembly and machinery solutions. WUSA has cornered the Business to Business market while WRU has grown in leaps and bounds in the retail market. Together as Widgets International, Inc., they stand to increase their market share substantially by creating and offering innovative and cost effective assembly solutions globally. (Anderson, Unit1, 2014) ------------------------------------------------- ------------------------------------------------- Purpose and Justification This proposal will explore the requirements for the application and implementation of an easily manageable information system that will be an effective and efficient agent in expanding the organization internationally. To date we have considered the benefits of Internet access, a private Intranet, an Extranet, Supply Chain Management (SCM), Enterprise Resource Planning (ERP), E-Commerce, Product Lifecycle Management (PLM),......

Words: 2927 - Pages: 12

Premium Essay

Iwerdhrtes

...Gashash A00011462 * Ibraheem Babalola A00010481 * Victory O. Okurakpo A00013215 Abstract Although the application of Information and Communication Technology (ICT) in rural areas can be advantageous, there are also some limitations that may hinder the development of these areas. This study aims at identifying the problems that are caused by ICT in the application of electronic commerce and electronic business in rural Nigeria. The paper will point out these limitations and give solutions to each, thereby ensuring a smooth development process. The following limitations were found: System scalability and available customers, fraud and identity theft, delivery time and uncertainty, trust and customer satisfaction. Key words: Electronic commerce, Electronic business Methodology: The method used in this research is Internet research and personal observation. Solutions To The limitations Of E-commerce And E-business According to Wikipedia: “Electronic commerce consists of the buying and selling of products or services over electronic systems such as the Internet and other computer networks. It is more than just buying and selling products online. It also includes the entire online process of developing, marketing, selling, delivering, servicing and paying for products and service”. Wikipedia also stated: “Electronic business may be defined as the application of information and communication technologies (ICT) in support of all the activities of a particular......

Words: 2345 - Pages: 10

Premium Essay

Mobile Computing. Social Networking

...thousands of applications that have been developed for mobile devices which perform a myriad of tasks and processes. In the beginning most of these applications were games. Business later joined the mobile revolution and developed their own business based applications to run on these mobile devices. Many mobile business applications can now streamline business processes, reduce operational processing times and provide better customer service. The mobile revolution has forced many industries to reengineer their business processes to accommodate the many mobile devices. In order for a business to remain competitive within their particular industry they must engage the mobile platform. In fact today, the customers demand and expect that these applications be available for their use. For this final term paper I have been asked to: (1) Assess the effectiveness and efficiency of mobile-based applications especially those which utilize GPS to capture information vice a desktop PC. (2) Evaluate the benefits afforded to the customer from mobile applications. (3) Examine the challenges of developers to design mobile applications to meet the various mobile devices specifications especially their many screen formats. (4) Describe methodologies to use to select the mobile platform to support your applications. (5) Mobile-devices require high availability, discuss ways of supporting this demand availability (6) Mobile device are very vulnerable to hackers and other security......

Words: 3789 - Pages: 16