Chapter 13 – E-Commerce Vulnerabilities
Dr. Anup K. Ghosh
Chapter Contents:
13.1 Introduction
13.2 Breaking E-Commerce Systems
13.3 Case Study of Breaking an E-Business
13.4 E-Commerce System Security
13.5 Protecting E-Commerce Applications
13.6 Components and Vulnerabilities in E-Commerce Systems
13.6.1 Client-side Risks
13.6.2 Network Protocol Risks
13.6.3 Business Application Logic
13.6.4 CGI Script Vulnerabilities
13.6.5 Application Subversion
13.6.6 Web Server Exploits
13.6.6.1 Configuration
13.6.6.2 HTML Coding and Server Side Includes
13.6.6.3 Private Documents in Public Directories
13.6.6.4 Cookies
13.6.7 Database Security
13.6.8 Platform Security
13.7 Summary
13.8 Notes
13.9 For Further Reading