In the development of E-Commerce, security has always been the core and key issue. In this paper, a new model is proposed to assist E-Commerce practitioners in the assessment of E-Commerce security. The proposed model is based on Analytical Hierarchy Process (AHP) and Dempster–Shafer (DS) theory of evidence. First, according to the characteristics of E-Commerce, a hierarchical structure of E-Commerce security is established to calculate the weights of relevant issues using AHP. Then Dempster–Shafer theory of evidence is applied to combine all the issues, regarded as evidences, in order to derive a consensus decision for the degree of E-Commerce security. An illustrative example is given to show the efficiency of our model.
With the development of information technology and communication technology and the popularization of the Internet, E-Commerce is sweeping through all walks in world with an irreversible trend. E-Commerce holds many advantages for the commercial world, such as efficiency and convenient, but unfortunately there are also some disadvantages. Due to the virtuality of E-Commerce and the open of the Internet, security issues are emerging and have become the bottleneck of E-Commerce development (Gerber & von Solms, 2001).
The study of Ngai and Wat (2002) indicated that 42% of the articles in topics of technological issues, were on E-Commerce security. And many researches have been conducted on a variety of security technologies, such as: E-Commerce protocols (Adi et al., 2000, Brlek et al., 2006 and Ogata and Futatsugi, 2010), user authentication (Lin & Chang, 2009), electronic signatures (Srivastava, 2009), electronic payment (Guan, Tan, & Hua, 2004) and so on. The investigation of Belanger, Hiller, and Smith (2002) indicated that consumers valued specific security technologies significantly more than three other trust indices, which are third party privacy seals, privacy statements and third party security seals. However, technology protections alone are far from enough. A number of security issues should be take into consideration to increase the whole security of E-Commerce, such as: legal security (de Lamberterie, 2003), physical security (Furnell, 2004), managerial security (Tomlinson, 2000) and so on (Oosthuizen, 1998 and Tsiakis and Sthephanides, 2005).
In addition, some of the studies on E-Commerce security were focused on E-Commerce security solutions. Zuccato, 2004 and Zuccato, 2005 proposed an approach to elicit security requirements and then developed a security management framework to improve E-Commerce security. Meanwhile, an adaptive secure methodology has been proposed by Tak and Park, to support non-repudiation service in E-Commerce and provides E-Commerce transactions with high quality of security services (Tak & Park, 2004).
However, because of the limitation of security technology and the complexity of security issues, it is difficult to find a complete and absolute secure E-Commerce security solution. Therefore, some qualitative and quantitative analysis and necessary assessment of E-Commerce security will be imperative. Best to our knowledge, we do not find any works on constructing comprehensive model to assess the E-Commerce security. This paper is primarily concerned with providing a model to solve such problems. Analytic Hierarchy Process (AHP) integrated with Dempster–Shafer (DS) theory of evidence is used in the model to assist in the assessment of E-Commerce security.
The paper is organized as follows. Section 2 begins with a brief introduction to the basic theory used in the model. Then, procedure of the proposed model for evaluating E-Commerce security is depicted in Section 3. And a numerical example is presented in Section 4. Section 5 concludes the paper
One of the crucial issues affecting the development of E-Commerce is security. According to the features of E-Commerce, this paper has proposed a more refined assessment model and assessment method for E-Commerce security. Based on the theory of AHP and evidential reasoning, the proposed method in our model is flexible and practical to cope with qualitative, quantitative or uncertain factors. The model provides a vehicle for E-Commerce practitioners and has proven its potential in helping with evaluating the security. Although the assessing variables may be affected by contingent variables of different circumstances, the proposed model can easily be modified to those variables for the assessment of E-Commerce security. It is believed that the developed model will be potentially helpful in decision making problems, as in the assessment of E-Commerce security.
