ABSTRACT

Electronic commerce is the set of totally dematerialized relations that economic agents establish with each other. The degree of security offered in electronic commerce must be commensurate with the amount of the transaction and the value of the goods and services being bought. Depending on the nature of the economic agents, electronic commerce applications fall within one of four main categories of business relations: business-to-business; business-to-consumer; point-of-sale operations; and peer-to-peer commerce. The main security services in a generic electronic transaction are confidentiality, integrity, authentication, access control and non-repudiation. Secure Electronic Transaction was designed with bank card security in mind. It operates at the application layer independently of the lower layers, even though most of its intended use was over transport control protocol/internet protocol networks. Without adequate authentication and access control, electronic commerce sites are vulnerable to denial of service attacks that can prevent normal access by legitimate users.