Online Secure Auction System

For each sort of auction, a certain set of guidelines applies. For an auction, there are a variety of options, such as a minimum price limit or a maximum price limit. Bidders can participate in person or remotely, depending on the auction format. Participating in a remote auction is possible by telephone, mail, and the internet. Online shopping has becoming increasingly popular, and online auctions are growing significantly as well. There has been an increase in the use of online auctions in e-commerce, thus the system must be improved in terms of both its quality & security. We can join in a bidding war for goods and services via an online auction. The use of online software that regulates the processes involved simplifies the auction process. The English auction system is one of the most often used auction methods or types. There are no limits on the number of bids that can participate in an active auction with this method. Other names for the online auction system include e-auctions, electronic auctions, and so on. Online auctions or online bidding might be better defined by the client. When it is made more clear, it will be a healthy & beneficial practice. More and more businesses are turning to online bidding for a wide range of purposes. There are other services that can be offered in addition to the products that are for sale. The system grew as a result of this development because of its low cost. Online bidding has established itself as a common means of procuring goods and services. Bidders can be tracked and kept in a single database based on their preferences. The confidentiality of the user's data can be protected in order to ensure the legality & integrity of the contract. Neat reporting eliminates paperwork, postage, photocopying and time helpful. Multiple bidders could be communicated with a great simplicity. Using this technique, one person can make many bids. In online auctions, bids are based on the lowest or the highest price that is initiated, but not on what the product is actually worth. Although there is a chance to fix the criteria against the fact expected to have desired worth by the seller. Finally, the website is a finished product that does some work. It is supposed to fulfill some purpose. In most cases, a product's function is determined by market demand or necessity. The market comprises end-users that will be using the product, suppliers & buyers in our situation. As developers, our task is not only to make websites that serves the purpose but also be it easy to use and cater to many individuals. We can't presume that a user is a whiz at surfing the web. This necessitates the creation of visually appealing and intuitive user interfaces. Ebay&Listia are two of the most popular online auction platforms, however security standards have yet to be addressed. A user's confidence in a product is greatly impacted by its ability to be properly validated & verified.

• Online auction systems (OAS) must be built

with secure communication & collaboration amongst legitimate users in order to be secure. The following is a summary of OAS's basic security requirements:

• It is imperative to identify and authenticate

valid users in order to access bid information, content, or other supporting services.

• Establishing a security system with fine-

grained access control that permits legitimate users to access resources while safeguarding sensitive data from hackers or other unauthorized users (i.e., all other users).

• For auction participants, secret and tamper-

proof communication channels should be established by OAS. As a result, the transaction is processed safely.

• In order to keep track of site security and

usage, OAS should provide auditing & logging features.

• OAS shall provide safe data transactions from

and to sellers and from OAS to purchasers from vendors.

• OAS also takes database security into

account.

• OAS should clearly define data held, conditions for release of information, & duration for which information is held to ensure that neither authorized nor unauthorized users can access any data in the database system.

One of the most critical technologies for OAS is authentication. When logging into an OAS, it should be impossible for a user to pretend to be someone else. A third party should be unable to change the content of any document, including email addresses, digital signatures, or the text itself, without being detected. When using the OAS, a hacker would have to work twice as hard to impersonate a computer's IP address. In order to verify the identity of a user, network node, file, or communication on a network, there are a variety of authentication methods available. Encryption technologies are used to verify the identity of users during the system login procedure. The underlying technology that safeguards data as it travels across the Internet is encryption. The majority of OAS's encryption functions are described by four characteristics. To summarize, these are the four processes (Garfinkel, 1995). There are several different types of cryptographic systems, such as Secure Sockets Layer, Public Key Infrastructure, & Secure Electronic Transactions (SET).

The online auction site serves as a middleman between sellers and purchasers in a C2C online auction system. During the payment process, sellers & purchasers will come into contact with one other. OAS should provide a system for trustworthiness that establishes and verifies the identity of the parties in order to prevent problems with trustworthy transactions. Registration is almost always used by online businesses to identify and categorize their consumers. As a result of this, it is difficult to locate information that can be easily confirmed and that is both unique and impossible to create. This means that most systems have a difficult time confirming the accuracy of the data provided to identify registrants. In order to ensure trustworthy online registration, the availability of online verification services is a major limiting factor. The OAS may be able to do type checking on data fields (validate post codes or names). The customer's email address can be the only thing that can be verified with the present technology. Limiting the client base to users who have been certified may be the only practical option to ensure that customers can be trusted. However, this is not the case in the B2B market (B2B). It's a business-to-business exchange that takes place through the Internet. The transaction does not involve any customers. It is necessary for enterprises to have a definite legal entity to conduct business with one other. Multiple bids, purchase orders, payments, and so on can all be done through procurement and service portals that companies can access. There are now purchasing managers in other companies who were bidding on the item. There are no unregistered or unverified merchants on the market. When transacting across borders, B2B can run into difficulties. Taxes, charges, customs procedures, and other legal obligations are all part of "cross-border" transactions. In Europe, for

country. A slew of online payment-related difficulties are currently being worked out by the European Committee for Standardization (George, 2004). In certain Asian countries, the legal system is weak, ineffective, and corrupt. In the absence of such legislation, doing business with corporations in other nations will be more challenging. In Singapore and Hong Kong, supplier-buyer enablement (B2B) is straightforward to support, but in the Philippines, Indonesia, India, and China, it is still in its infancy (Choy, 2000). It will take a lot longer for these countries to build a sound legal system. For auction systems, banking is a vital component, as it often serves as the authority in charge of overseeing the ultimate settlement of the payment. Banks, on the other hand, tend to lag behind the pace of technical innovation in other industries when it comes to e-commerce. Payment methods for buyers include credit card, debit card, personal check, cashier's check, money order, cash on delivery, escrow services, and more. Using a credit card provides the greatest level of safety for buyers, as they may request a refund from the credit card company if the thing they ordered is never delivered or is not what they expected it to be. Credit card payments are not widely accepted by sellers in C2C auctions. Because of this, there are a number of causes. There will be a fee for the seller, and the majority of the purchases were for less than $100 on average (National Consumer League, 2001). Sellers will incur additional costs if they accept credit card payments. Giving out credit card information to someone you've never met is extremely risky from the perspective of the buyer. There is a chance that they will steal your credit card information and do something bad with it. 69 percent of all payments are made via check, cashier's check, or money order. However, the buyers are not protected by these methods of payment. Fast and low-cost money transfers can be made between buyers and sellers using electronic means. Figure 1 depicts the various e-payment options. Payment is made through a payment firm rather than directly by the seller in a proprietary payment system, and the payment company in turn pays the sellers.. As long as certain conditions are met or the authenticity of the seller can be established, funds held in escrow can't be released to the buyer. Personal bank accounts or credit cards must be authorized for use in person-to-person (P2P) payments before the payer can use the service.

An auction is a market where the allocation of resources and the price of those resources are determined by the bids of market players (McAfee & McMillan, 1987). As a general rule, auctions are used to aggregate supply and demand in a market to create the commodity. For the most part, an auction is a system for allocating limited products that is based on competition between participants. An individual seller wants to get as much money for his or her product whereas a buyer wants to spend as little as feasible for it. Sellers, purchasers, and auctioneers are the three main players in the auction process. The advantage of using an auction to determine market-based prices is their simplicity. Sellers in a typical physical auction choose an auction house on the basis of service: license form, availability of acceptable insurance, appropriate descriptions and access to the commodities and payment terms and goods security prior to and during the process of the auction. There must be a face-to-face meeting between the buyer and seller or their representative. Bids can be placed at any time and from any location using a computer in an online auction. In addition to desktop computers, mobile phones and other handheld devices can access the information. There are no physical goods exchanged in online auctions; instead, transactions are based solely on information (product descriptions). Sellers and buyers meet, advertise products for sale, exchange information and communicate with one other, and finally complete transactions through these services By removing the need for traditional middlemen and allowing transactions to take place at any time of day or night, they not only make it easier for buyers and sellers to transact, but they also keep their data up to current in real time. Online auctions have a global reach, allowing buyers to access a wider range of commodities and sellers to sell their goods more effectively to a wider audience. Online auctions have both perks and pitfalls. The things for sale are often simply listed on the auction's website. Neither the product's existence nor the accuracy of its description is verified or checked. The two most pressing issues are trustworthiness and security. The popularity of online auctions has grown tremendously. It is estimated that eBay (www.ebay.com), one of the most popular online auction sites, had 41.2 million active members in 2003 and 292 million listings, up from 27.7 million in 2002. (eBay, 2004). eBay was one of the top five websites in Germany and the United Kingdom in February 2004, according to Nielsen/Netratings, the global benchmark for Internet audience measurement and analysis. Only 6% of net market transactions were made through catalog sales, according to a study by the Aberdeen Group (Pritchard, 2002). Most auctions are accessible to the general public. Almost everything may be found. Because of the rapid growth of the virtual market, there are no de facto norms for online auction bidding rules and policies. These issues are still a serious concern, even though internet auctions have

transactions. Sellers can put items for trade, but no one checks to see if they're real or if the descriptions are truthful. When it comes to identifying traders, they simply use the email addresses of buyers and sellers. Sellers are responsible for resolving any payment or delivery issues with the winning bidder after the auction concludes. The auction houses are not in any way responsible for the deal. As a result, online auction fraud is becoming a more challenging problem to combat. The following are typical examples of auction fraud: • Non-delivery: Customers pay for a product that never arrives.

• Item received does not match what was described in the ad or on the website.

• In order to raise the price of a product, a seller or one of his or her associates will put a bogus bid. Federal Trade Commission (FTC) complaints included

• For example, the provision of a security system that allows legitimate users access to resources while protecting critical information from hackers & unauthorized users (i.e., all other users).

• Data transfers from and to OAS should be protected so that only the intended recipients of the data have access to it.

• From a recent study make by scientists a t Carnegie Mellon University, found many fraud schemes from the historical auction data using data mining techniques and other accomplices. One of the most currently fraud schemes is that the bidders are making false identity or accounts in order to increase the sale price.

• Currently there are two approaches mostly being implemented such as policy-based and reputation-based trust management, which also lag certain security issues.

• There was a recently proposed system by Ganeriwal and Srivastava, which was a reputation based model for sensor networks. This system works well in maintain the reputation for the node s and also in evaluating trust worthiness. But the main drawback is that there is no effective and particular method to prevent the users from giving false identity and hence the system fails in providing a secured environment.

• The existing "OPEN Auction House" is managed manually. Prior to each auction the day of auction, the (venue and the items on

time. This conventional method most of the times

• Prevent aspiring bidders from participating in the bidding process. Another headache of the old system is to track each bidding process and to make it culminate in financial settlement. So the system has to keep record sof both buyers and sellers until the end of settlement. The process is very cumbersome and time consuming.

1. To design and develop an online auction system that ensures the buyer‘s on the sellers and the products are being auctioned. 2. To compute the sellers ratings using the feedback scores from the bid winners 3. To generate reports for each completed bid in the auction system 4. To notify the bidders of new bids made in the bids that they participate in 5. To compute the seller‘s shill scores for each seller that sells product on the online auction system

• Seller module

A seller‘s primary concern on such a portal would be security against fraudulent buyers and random bids. The seller needs to know who gotthe product and needs to act accordingly. The seller must be able to check his product for bidding and should be able to add one easily. He should also be able to see their views about the product and communicate with the customers or bidders regarding any issue that arises.

• Buyer module

The bidder should first see which product is been posted on the app which is to be auctioned along with all the needed information about it. If the bidder is interested to buy that product, then he can register for the auctioning and bid the amount. At last, at the end of the auctioning the bidder should get to know the result. The buyer or the bidder should be able to give a feedback to the seller or admin.  Admin module

category.Adminmust be able to add or delete comments and take feedback from people regarding the processes going on intheportal.

• Front end

The portal has been designed using HTML, CSS, BOOTSTRAP and JAVASCRIPT which allowed us to create a Real time portal for auctioning. HTML tags and CSS formatting. Bootstrap has been used to customize the portal for a display of smaller or bigger size.

• Backend

In the backend we have used node Js and data base as a dynamo db. Dynamo db is a powerful database that lets you store, organize and accessdata easily.

There are just a few significant major auction systems that have implemented security technology, which is the cornerstone for secure transactions. Is it necessary to establish international legislation to regulate Internet auctions? It's similar to the law requiring drivers and passengers to wear seat belts on the road: it's against the law. SSL and a privacy policy should be all that is required for online auction systems to function properly. Consumers' credit card information is confined to an e-mail address, which makes it the most secure method of payment. Traditional auction house standards may be brought in for high-value transactions in order to maintain the trust of both buyers and sellers. In order to protect themselves from auction fraud, consumers have a variety of options available. It's critical that you inform them about the various payment options and the level of security they their operations, which is inherently 'cross-border,' rather than national. Fraudulent transactions in C2C can be carried out by individuals located in countries other than the victim's own. Taking legal action against him or her may be difficult because of this. In B2B, alongside tax and currency exchange concerns, there are also difficult legal authority issues. B2B disputes will be arbitrated by who? Since online auctions are so prevalent in e-commerce, they serve as a vital conduit for trade. An urgent need for international management and supervision is needed to make the market a safe and trusted place.

It is not possible to develop a system that makes all the requirements of the user. User requirements keep changing as the system is being used. Some of the future enhancements that can be done to this system are: As the technology emerges, it is possible to upgrade the system and can be adaptable to desired environment. Because it is based on object-oriented design, any further changes can be easily adaptable. Based on the future security issues, security can be improved using emerging technologies. Sub admin module can be added. An in-built web browser can be added. The future plan of this project is to improve design, implementation and documentation in such a way that anyone can use this project for better perform. We will develop the site more dynamically and the database work as well. In future we will add the following module for better improvement of the project: More security in the system, More user

1. B. Rumpe, G. Wimmel, "A framework for realtime online auctions", Proceedings of Information Resources Management Association (IRMA) International Conference, pp. 208912, 2001. 2. www.academia.edu/9174592/ONLINE_AUCTION_MINI_PROJECT_REPORT.html 3. Bajari, Patrick, Ali Hortacsu (2004). "Economic Insights from Internet Auctions" Journal of Economic Literature, Vol. XLII No. 2: 457-86. 4. sdsu-dspace.calstate.edu/bitstream/handle/10211.10/1377/Potla_Shanthi.pdf 5. Chris Bates: Web Programming Building Internet Applications 6. https://ageconsearch.umn.edu/bitstream/91423/2/PR-10-02.pdf

based control system for energy resource management in a building. U.S. Patent 5,394,324. 9. Dutta, R. and Ramamoorthy, K., International Business Machines Corp, 2009. User rating system for online auctions. U.S. Patent 7,552,081. 10. Fageha, M. and Aibinu, A. 2013. Managing Project Scope Definition to Improve Stakeholders’ Participation and Enhance Project Outcome. Procedia – Social and Behavioral Sciences, 74, pp.154-164. 11. Gemino, A. and Parker, D. 2009. Use Case Diagrams in Support of Use Case Modeling. Journal of Database Management, 20(1), pp.1-24. 12. Kamau, C.,2015. Efficacy of Monitoring and Evaluation Function in Achieving Project Success in Kenya: A Conceptual Framework. Science Journal of Business and Management, 3(3), p.82. 13. Konia, B.S., MARKET MY SITE Inc, 2007. Online auction bid management system and method. U.S. Patent 7,225,151. 14. Lin, Z., Li, D., Janamanchi, B. and Huang, W., 2010. Reputation distribution and consumer-to-consumer online auction market structure: an exploratory study. Decision Support Systems, 41(2), pp.435-448. 15. Maltzman, R., eBay Inc, 2008. Method and system to enable a fixed price purchase within a online auction environment. U.S. Patent 7,340,429. 16. Milunovic, S. and Filipovic, J.,2013. Methodology for quality management of projects in manufacturing industries. Total Quality Management & Business Excellence, 24(1-2), pp.91-107. 17. Sanchez, H., Robert, B., Bourgault, M. and Pellerin, R. (2009). Risk management applied to projects, programs, and portfolios. International Journal of Managing Projects in Business, 2(1), pp.14-35. 18. Rotman, G., Rotman, R. and Martin, J., Paid Inc, 2008. Method and system for improved online auction. U.S. Patent 7,324,968. 19. Shavit, E. and Teichner, L., STRATEGIC PROCESSING CORP, 2011. Interactive market management system. U.S. Patent 4,799,156. 20. Zwikael, O. (2009). The Relative Importance of the PMBOK® Guide‘s Nine Knowledge

Management Journal, 40(4), pp.94-103

Students Department of CSE, GHRIET, Nagpur, G.H. Raisoni Institute of Engineering & Technology, Nagpur