Blogger news

Wednesday, 26 December 2012

Risk Assessment on Amazon.com

Risk Assessment on Amazon.com

This risk assessment is meant to identify threats and vulnerabilities of Amazon, the largest online book store and a fast growing ecommerce platform. The findings of this research can be used as the base while considering measures to ensure security in Amazon. Further, it can be used by upcoming entrepreneurs as a source of information about possible and present risks and uncertainties in the ecommerce world.

According to Darshanand and R. McKegney, A secure system accomplishes its task with no unintended side effects. According to them, security has three main concepts: confidentiality, integrity, and availability. Confidentiality allows only authorized parties to read protected information. This assessment report focuses on the three main concepts, checks them against Amazon and attempts to determine the level of risk in which Amazon is operating.

This risk assessment is based on research. Information has been collected from public domains and from journals are used as the bases for the identification. Attempt has also been made to get first hand customer experience in order to report more accurately.
  
Overview of Amazon
Just as mentioned above, Amazon is a major ecommerce player, having started as a bookstore and grown to become a major all-item shop. In addition, Amazon has intimate connections with other ecommerce service providers such as shopping cart software providers, payment companies such as PayPal, and credit and debit card firms e.g. Visa, American Express among others. Such a complex structure means that there are several areas through which hackers, employees and customers can find loopholes and exploit to the detriment of Amazon.

<h2>Amazon System</h2>
Amazon operates as a fully online system. The following diagrams attempts a graphical representation of the system

3.2    Amazon’s Assets
Amazon business system has various assets, which form the basis of its success. These assets can be categorized into:
Personnel
Information
System Facilities
System Infrastructure
Software

3.3 Users
There are four types of users who have been identified to interact in the Amazon system. These can be presented in the form of a table as shown below. Each of the user has different levels of privileges determined in the design of Amazon business structure.

User    Description
Buyer     Customer who bid and buy goods from the Amazon system
Seller     Customer who sell goods on the trading platform
Employee     Employees who administer the system, providing customer services and do help desks.
payment Systems     These utilize Amazon’s system information for financial transactions. These includes transfer of funds from buyers to sellers or the Amazon system

No comments:

Post a Comment

Do not post any un-related message...