Chapter 1 (25 points + 2 points) 1. The following steps describe a Customer Online Ordering Process in an online processing system of Company ABC. 1. a customer opens a web browser that is installed on his/her computer and has been connected to the Internet through an Internet Service Provider XYZ. 2. the customer enters the web link of Company ABC's home page. 3. the web browser sends the link to the web server of the Company ABC over the Internet. 4. the web server sends the requested home page to the web browser of the customer over the Internet. 5. the customer searches the product information (e.g., item number, item name, type, color, available stock, and unit price) via the web browser. 6. the web browser passes the request of the product information to the web server of the company. 7. the web server retrieves the product information from the Company ABC's local database server that is connected through the company's internal network. 8. the web server sends the product information to the web browser of the customer. 9. the customer places an order via the web browser. 10. the web browser passes the order information (e.g., item number, item name, type, color, ordered quantity) to the web server of the company. 11. the server calculates the total charge of the order and sends total charge information along with the request for payment information (e.8., credit card number, expiration date, security code, customer's name, customer's address, and the delivering address, if different) to the browser of the customer. 12. the customer reads the total charge and enters the requested payment information to the browser. 13. the browser passes the payment information back to the web server of the Company ABC. 14. the web server receives the payment information and saves the payment information with the order information, as a new record, to the order file on the company's database server, 15. the web server sends an order confirmation to the browser of the customer. 16. the customer saves the confirmation on his/her local computer. A summary of the process with a diagram will receive up to 2 extra points. 2. Please describe the value of the information assets identified in Question #1 to the Company ABC and to the customer. 3. Identify the potential security issues related to the information assets in this process and organize the issues along the dimensions of confidentiality, integrity, and or availability. 4. Identify the threats that will lead potentially to the security issues in Question #3 and organize the threats into the categories elaborated in Table 1-1 on page 13 of the textbook. 5. Specify the logical or physical locations or the components in this process that will be impacted once the threats in Question #4 are materialized and what the impacts are