A phase model for e-commerce business models and its application to security assessment

New e-commerce business models attempt to exploit information technology to overcome the limitations of traditional business models and to lower costs by improving the efficiency of business processes. A basic requirement for their success is security mechanisms against theft or other fraud. The overall security assessment of business models is complicated, however, since the simple customer-vendor model is often augmented by a large number of roles and interactions. The paper presents a simple approach to understanding e-commerce business models by phases in business processes and roles and interactions in each phase. We use our model to categorize several typical new business models and then analyze the specific security requirements of these business models and highlight potential threat scenarios and describe their solutions. The contribution of the paper is in the decomposition approach for e-commerce business models and its application to the systematic assessment of their security requirements.