Elektrooniliste kaubandussüsteemide turvariski juhtimine
Files
Date
2018
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Turvariski juhtimine mängib iga süsteemi väljatöötamisel olulist rolli ja see kehtib ka elektrooniliste kaubandussüsteemide kohta. Kuna paljud inimesed kasutavad neid teenuseid, võivad nad kokku puutuda ebaadekvaatsete turvameetmetega ja see on kahjulik nii äritegevusele kui klientidele. Antud lõputöö toob uurimistöö tulemusena välja elektrooniliste kaubandussüsteemide toiminguid, mis on suunatud turvariskide vähendamisele, uurides ja analüüsides Webshop poodi.Antud meetod vaatleb turvariski juhtimise strateegiate hindamist, olles selle eriala ekspertide poolt heaks kiidetud ning ei käsitle mitte ainult elektrooniliste kaubandussüsteemide potentsiaalsete ohtude määratlemist, vaid tagab ka turvariski juhtimise struktureeritud kulgemise. Turvariski juhtimise protsess on esitatud sellisel kujul, et ta on asjakohastele elektrooniliste kaubandussüsteemide osanikele arusaadav.
Security risk management is a vital part of any system development including e-commerce systems. As many people rely on these e-services, its inadequate security measures can be experienced, causing great losses to both businesses and customers. This thesis research work proposes a procedure that targets e-commerce system security and suggests the application of a threat-driven approach to security risk management by analysing an e-commerce system Webshop as a case study.This approach provides a useful assessment of the security risk management procedure that is validated by experts in the field. It not only identifies evolving threats to e-commerce systems but allows for a structured flow in security risk management. The risk management process is documented and reported in such a way that is easily understandable by concerned stakeholders of the e-commerce system.
Security risk management is a vital part of any system development including e-commerce systems. As many people rely on these e-services, its inadequate security measures can be experienced, causing great losses to both businesses and customers. This thesis research work proposes a procedure that targets e-commerce system security and suggests the application of a threat-driven approach to security risk management by analysing an e-commerce system Webshop as a case study.This approach provides a useful assessment of the security risk management procedure that is validated by experts in the field. It not only identifies evolving threats to e-commerce systems but allows for a structured flow in security risk management. The risk management process is documented and reported in such a way that is easily understandable by concerned stakeholders of the e-commerce system.