The major benefits of Ecommerce are:

- Secure       : More secure than a cheque.

- Fast           : The transactions take not more than a few seconds

- Always on  : The purchases can be made 24/7

- Convenient:  Ease of purchasing

-Reduced cost price : Reduction of Marketing and Advertising Costs

=> When a consumer wants to buy a certain product, he go to the website and selects the product he wants to buy. 

=> Once the product is selected, the consumer transaction is moved to the online transaction server where he places an order. 

=> The informations is exchanged over a secure channel through a private gateway to a processing network. 

=> The networked banks accept or reject the transaction.

 All this happens in just a matter of seconds. E-commerce is a very secure due to the SSL (Secure Socket Layer) technology.

- Web servers can be infiltrated using the command shell by an attacker to read the HTML files that is getting transferred. 

- If the set-uid scripts are not proper and bad then the infiltration can happen by the attacker. 

- The processes are not given proper permissions so that the password can be changed by using the “passwd” command to change the password of the system.

- This also authenticates the user for accessing the system and the files on it containing the data. 

- The program that is used in the operating system doesn’t follow the principle of least privilege and lead to security issues.

Security features are very essential in the system as it provides an overall security of the system by applying the patches and the services that keeps the unwanted access away. 

The security features included are as follows:

- Use of algorithms in relation to, the security and the system to, solve the problem of the security. 

- Use of SSL or any encryption method to, protect the system from intrusion or any other attack. 

- Use of SSL in the SimpleWebServer that doesn’t provides the protection against the DoS attack and doesn’t allow the accessing to, be done using the /etc/shadow.

- The infinite file error can be solved when the data will be read continuously from the file. 

- The error can be solved by using the keys that provide only the resources that are required. 

- The following program is as follows:

osw.write ("HTTP/1.0 200 OK\n\n"); 

while (c != -1) { 

sb.append((char)c); 

c = fr.read(); 

} 

osw.write (sb.toString()); 

- This converts the requested file in such a way that if the file exists it shows the messages as ok otherwise it shows an error.

- Limited file access is to be given to the file to remove the error from the infinite file type.

- Infinite file consists of random bits of code that is stored in /dev/random file used to generate the cryptographic keys. 

- Infinite file consists of the source of infinite data that can be used to provide the response in easy manner. 

- Web server consists of the file that is received by the server in this format GET //dev/random HTTP/1.0. 

- Web server provides the continuous data that can be read from /dev/random/ before the web server can run out of the memory. 

- The server crashes out in case it runs out of the memory due to the infinite file type and it is very essential in case of the web security.

- Fail-safe approach defines the level that divides the security such that it is safe even in case the system is failed.

- The fail safe approach doesn’t allow an attacker to take the advantage by breaking in the system and crashes out.

- This approach allows the web server to perform the routines even if the system runs out of the memory in case of any attack. 

- The system in attacks doesn’t skip the access to the control check or it doesn’t skip serving any document requested. 

- Fail safe approach can force the web server to run of the memory and have a DoS attack.

- The principle of least privilege is used to provide more security to the computer programs. 

- The principle allows the designing of the program such that any unauthorized access is not allowed and only the person who owns the program will be able to access it. 

- The services provided should be able to access only those products that need the services. 

- Web servers that are involved in responding the queries of the web users provide only accessing to the HTML files that will serve the purpose of the programs. 

- Computer programs should be made such that it provides secure features of logging into the program with proper authentication.