Download file to see previous pages...
A security policy specifically is the imperative foundation on which a valuable and complete security program can be developed. This significant constituent of the overall security architecture is usually ignored. A security policy is the most important way in which management’s decision for security is converted into specific, measurable, and testable goals and objectives. It is essential to take a top down approach (defining the policy and then roles and responsibilities to enact it properly) based on a well-stated policy in order to make an effective security architecture. On the other hand, if there is an absence of a security policy guiding the decision makers, then decisions will be made on ad-hoc bases, by the individuals developing, installing, and maintaining computer systems, and this will result in a disparate and less than optimal security architecture being used or implemented (Weise & Martin, 2001). The structure of this report is as follows: next section describes the components necessary for developing and defining the policy then a policy is developed to govern the transaction management system of an organization.
It characterizes the challenge or issue that management is dealing with. It might include regulatory restrictions, security of highly significant data, or the appropriate utilization of certain technologies. Sometimes, it may be needed to describe terms. It is also vital that everyone involved in the policy, must understands its content. Moreover, the conditions must also be stated under which policy is applicable (Olzak, 2010; Patrick, 2001).
Objectives are usually specified within the scope definition and may take in actions and configurations forbidden or restricted. In addition, these are also normally defined outside a policy, conditions and organizational practices may necessitate placing certain standards and
...Download file to see next pagesRead More
According to the paper as ‘Electronic commerce’ evolves the business practices of the business around the world in terms of profitability, success, and gaining competitive advantages. Background researches and studies have tried to enhance security but it is still the biggest challenge for security professionals and business.
To keep themselves safe and make things go as expected, it is important to have security of different level. A blend of physical, computer, communication, and network security together construct the information security. Not one defense type can protect the company; therefore the perception of total information security is vital to the success of the enterprise.
The advantages of the E-Voting System: It provides secrecy and protects the privacy of the voter since the vote is cast anonymously. The credentials of the voter are only checked prior to entering the voting booth. The system allows for the generation of a ballot based on the credentials of the voter and the validity of the credentials determine the number of votes that the voter can cast.
Electronic voting systems seek to reduce time consumption during any type of voting and increase participation (Liaw, p 108). It also improves the accuracy of results and lowers the cost of conducting elections. There is an advanced online voting system used in universities for teaching and voting, whereby the students vote anytime and anywhere using both fixed and mobile devices such as personal computers, PDAs and smartphones.
This paper focuses on the issues of security and privacy in e-commerce applications; tries to strike an ethical balance between security, privacy, and freedom of information in cyberspace world; and presents results of research findings of the degree of comfort and level of trust in e-commerce applications in consumers.