Wednesday, January 14, 2009

Making a Market or Control and Security of E Commerce

Making a Market: The Institutional Transformation of an African Society

Author: Jean Ensminger

In Making a Market, Jean Ensminger analyzes the process by which the market was introduced into the economy of a group of Kenyan pastoralists. Professor Ensminger employs new institutional economic analysis to assess the impact of new market institutions on production and distribution, with particular emphasis on the effect of institutions on decreasing transaction costs over time. This study traces the effects of increasing commercialization on the economic well-being of individual households, rich and poor alike, over considerable time and analyzes the process by which institutions themselves are transformed as a market economy develops. This case study points out the importance of understanding the roles of ideology and bargaining power--in addition to pure economic forces, such as changing relative prices--in shaping market institutions.




Control and Security of E-Commerce

Author: Gordon Edward Smith

  • Explores the components of e-commerce (including EDI).
  • Shows the risks involved when using an e-commerce system.
  • Provides controls for protecting an e-commerce site (e.g., securing financial transactions and confidential transactions).
  • Provides a COSO-compliant audit approach.
  • Provides risk/control tables and checklists.
  • Technical topics are discussed in simple user-friendly language.

Dr. James B. Hansen

The essence of information security is all about people, processes, and controls. The heart of successful security is not pure technology. The key is a team of well-trained employees who are prepared to use technology as a tool to implement and manage effective IT controls. Gordon Smith’s important book is a quality follow-up to his first book dealing with a control assessment approach to network auditing. It is an outstanding presentation of what is important in implementing and managing IT controls. It simply belongs in the library of every IT manager, internal auditor, and security specialist. (Vice President of Security Services, DynTek, Inc.)

Professor Michael Davis

Gordon Smith’s latest book leads the field again. Based upon understandable theory and loads of real-world audit experience, Control and Security of E-Commerce will help you identify, isolate, and inoculate your company from today’s ever-present e-commerce perils. Don’t just ‘trust’ that your security is OK—use this book to make sure! (Graziadio School of Business and Management, Pepperdine University)

Dr. Jagdish S. Gangolly

Control and Security of E-Commerce is an invaluable book for practicing information systems professionals. Its unique informal and conversational style of writing is a pleasure to read. The war stories make the reading exciting for an area that is technical and often considered rather dry. The end-of-chapter guidelines for action are a treasure-trove of information. I highly recommend this book for anyone interested in e-commerce security. (Associate Professor and Director of the Graduate Accounting Programs, University at Albany, State University of New York)



Table of Contents:
Preface
Ch. 1 Introduction
  • E-Commerce Results in Business Globalization
Ch. 2 Legal Issues Related to E-Commerce
  • E-Commerce in the Courtroom
  • Legal Agreements in Support of E-Commerce
  • Risk/Control Table
  • Audit Checklist
Ch. 3 Information Security: Overview
  • Specific Threats to E-Commerce
  • Cryptography and Encryption
  • Symmetric Cryptosystems
  • Asymmetric Cryptosystems
  • Key Management and Transfer Techniques
  • Digital Signatures and Other Authentication Techniques
  • Risk/Control Table
  • Audit and Security Checklist
Ch. 4 Certificates and Nonrepudiation
  • Certificates
  • Nonrepudiation: Requirement for Internet Business
  • Risk/Control Table
  • Audit and Security Checklist
Ch. 5 Protecting the E-Commerce Environment
  • Protecting the Internet Zone
  • Protecting the Extranet Zone
  • Protecting the Intranet
  • Business Continuance: Keeping the Web Site Accessible
  • Risk/Control Summary
  • Audit and Security Checklist
Ch. 6 Protecting E-Commerce Data
  • Securing Confidential Data
  • Securing the UNIX Environment
  • Securing the Windows Server Environment
  • Data-Related Risk/Control Table
  • Checklists for Protecting the Data
  • Checklists for UNIX Systems
  • Checklists for Windows Systems
  • Checklists for Network Issues
Ch. 7 Auditing an E-Commerce Application
  • Sales and Invoicing Function Audit Guide
Index
