Administered by: National Institute of Standards and Technology
This project will address security certification for component-based software used in Internet-based electronic commerce (EC). E-commerce security became an issue early on in the development of e-commerce sites, when consumers began worrying about how safe it was to transmit credit card numbers over the Internet. Since those early days, our work has shown that the problem of e-commerce security is much greater than simply providing confidentiality of data transmitted over the Internet. In fact, e-commerce sites have more security concerns than the typical Internet site because of the advanced functionality they bring to the Net. We proposed this project in e-commerce security to address the growing market in component-based e-commerce where the security of the software components will necessarily be paramount. Despite the great potential to connect businesses, merchants, and consumers anywhere at anytime, affordably and easily, the dangers of e-commerce loom large. Until the security issues of software-component-based commerce are adequately addressed, electronic commerce will not reach critical mass.