Identify and discuss the five steps in developing an e-commerce security plan.

-

The five steps in developing an e-commerce security plan are:

1. Perform a risk assessment: 

First, an inventory of the information and knowledge assets of a company is taken, and a dollar value amount is placed on each asset. Then, this amount is multiplied by the estimated probability that the information could be compromised. This computation is used to produce a ranked list of the information assets of the firm prioritized by their value.


2.  Develop a security policy: 

A set of statements should be developed that prioritizes the information risks, identifies acceptable risk targets, and sets out the goals for achieving these targets. Included in the security policy should be a list of the personnel who are or will be entrusted with the information assets. It should also include a description of the security policies that presently exist for these assets and suggestions for improvements. Finally, it should outline the level of risk the firm is willing to accept for each asset, and the estimated cost to achieve this level of acceptable risk.


3.  Develop an implementation plan: 

The actions that must be taken to achieve the security plan goals must be set out. The tools, technologies, policies, and procedures needed to achieve acceptable levels of risk must be developed.


4.  Create a security organization: 

A security organization must be established that will train users and keep management apprised of the security threats and breakdowns. The access controls that will determine who can gain legitimate access to the firm’s networks and the authentication procedures that will be used to protect data from intruders must be determined. Authorization policies must also be established for the differing levels of access to information assets for different users.


5.  Perform a security audit: 

A security audit must be conducted to identify how outsiders are using the site and how insiders are accessing the site’s assets. A monthly report should be generated that will establish the routine and nonroutine accesses to the system and identify any unusual patterns.



Comments

Post a Comment

Popular posts from this blog

Suppose that a data warehouse for Big-University consists of the following four dimensions: student, course, semester, and instructor, and two measures count and avg_grade. When at the lowest conceptual level (e.g., for a given student, course, semester, and instructor combination), the avg_grade measure stores the actual course grade of the student. At higher conceptual levels, avg_grade stores the average grade for the given combination. a) Draw a snowflake schema diagram for the data warehouse. b) Starting with the base cuboid [student, course, semester, instructor], what specific OLAP operations (e.g., roll-up from semester to year) should one perform in order to list the average grade of CS courses for each BigUniversity student. c) If each dimension has five levels (including all), such as “student < major < status < university < all”, how many cuboids will this cube contain (including the base and apex cuboids)?

-
Image
a) A Snowflake Shema is shown in figure below: b) The specific OLAP operations to be performed: 1. Roll-up on course from course_id to department. 2. Roll-up on a student from student_id to university. 3. Dice on course, student with department ="CS" and university = "biguniversity" 4. Drill-down on a student from the university to student_name. c) N = 4 dimensions The cube will contain 54 = 625 cuboids.
Read more

Suppose that a data warehouse consists of the three dimensions time, doctor, and patient, and the two measures count and charge, where a charge is the fee that a doctor charges a patient for a visit. a) Draw a schema diagram for the above data warehouse using one of the schemas. [star, snowflake, fact constellation] b) Starting with the base cuboid [day, doctor, patient], what specific OLAP operations should be performed in order to list the total fee collected by each doctor in 2004? c) To obtain the same list, write an SQL query assuming the data are stored in a relational database with the schema fee (day, month, year, doctor, hospital, patient, count, charge)

-
Image
Solution: a) Star Schema is shown in the figure below: b) First, we should use the roll-up operation to get the year 2004(rolling-up from the day then month to a year). After getting that, we need to use the slice operation to select (2004). Second, we should use roll-up operation again to get all patients. Then, we need to use the slice operation to select (all). Finally, we get a list of the total fee collected by each doctor in 2004. So, 1. roll up from day to month to year 2. slice for year = “2004” 3. roll up on patient from the individual patient to all 4. slice for patient = “all” 5. get the list of the total fees collected by each doctor in 2004 c) Select doctor, Sum(charge) From fee Where year = 2004 Group by doctor
Read more

Suppose that a data warehouse consists of the four dimensions; date, spectator, location, and game, and the two measures, count and charge, where charge is the fee that a spectator pays when watching a game on a given date. Spectators may be students, adults, or seniors, with each category having its own charge rate. a) Draw a star schema diagram for the data b) Starting with the base cuboid [date; spectator; location; game], what specific OLAP operations should perform in order to list the total charge paid by student spectators at GM Place in 2004?

-
Image
  b) The specific OLAP operations to be performed are: 1. Roll-up on date from date id to year. 2. Roll-up on spectator from spectator id to status. 3. Roll-up on location from location id to location name. 4. Roll-up on the game from game id to all. 5. Dice with status= “students”, location name= “GM Place”, and year=2004
Read more