The essential E-commerce process is required for the successful operation and management of E-commerce activities.
One of the processes is access control and security. Access control is arguably the most fundamental and most pervasive security mechanism in use today. Access control shows up in virtually all systems and imposes great architectural and administrative challenges at all levels of enterprise computing.
E-commerce must establish mutual trust and secure access between the parties in an e-commerce transaction by authenticating users, authorizing access, and enforcing security features.
Access control controls should be used for the system and all system users should be required to make use of those controls.
For example, these processes establish that a customer and E-commerce site are who they say they are through user names and passwords, encryption keys, biometric controls or digital certificates and signatures.
In addition to determining whether a user has rights to use a resource, the access control system may constrain when and how the resource may be used.
The E-commerce site must then authorize access to only those parts of the site that an individual user needs to accomplish his or her particular transactions. Thus, individual usually will be given access to all resources of an E-commerce site except for others people’s accounts, restricted company data, and webmaster administration areas.
The password or other access control for each authorized user should be unique to that user.
Access control is only one aspect of a comprehensive computer security solution, but it is one of the most visible.
Access Control of E-commerce
