E-Commerce_(Unit_5).ppt
Description: E-commerce and security issues
Transcript
![Page 1: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/1.jpg)
Trusting others electronically – E-commerce infrastructure
Security threats – the real threats and the perceptions
Network connectivity and availability issues – Better architecture and planning
Global economy issues – Flexible solutions
![Page 2: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/2.jpg)
Trusting others electronically
Authentication
Handling of private information
Message integrity
Digital signatures and non-repudiation
Access to timely information
![Page 3: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/3.jpg)
Trusting the medium
Am I connected to the correct web site?
Is the right person using the other computer?
Did the appropriate party send the last email?
Did the last message get there in time, correctly?
![Page 4: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/4.jpg)
Public-Key Infrastructure (PKI)
Distribute key pairs to all interested entities
Certify public keys in a “trusted” fashion
The Certificate Authority
Secure protocols between entities
Digital Signatures, trusted records and non-repudiation
![Page 5: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/5.jpg)
Authentication problems
Impersonation attacks
Privacy problems
Hacking and similar attacks
Integrity problems
Repudiation problems
![Page 6: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/6.jpg)
How to communicate securely:
SSL (today TLS) – “the web security protocol”
IPsec – “the IP layer security protocol”
S/MIME – “the email security protocol”
SET – “credit card transaction security protocol”
![Page 7: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/7.jpg)
Issues with variable response during peak time
Guaranteed delivery, response and receipts
Spoofing attacks – attract users to other sites
Denial of service attacks – prevent users from accessing the site
Tracking and monitoring networks
![Page 8: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/8.jpg)
Variable connectivity levels and cost
Variable economies and cultures
Taxation and intellectual property issues
Interoperability between different economies
![Page 9: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/9.jpg)
Networking Products
Firewalls
Remote access and Virtual Private Networks (VPNs)
Encryption technologies
Public Key Infrastructure
Scanners, monitors and filters
Web products and applications
![Page 10: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/10.jpg)
Support for peak access
Replication and mirroring, round robin schemes – avoid denial of service
Security of web pages through certificates and network architecture to avoid spoofing attacks
![Page 11: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/11.jpg)
Identity-based certificate to identify all users of an application
Determine rightful users for resources
“Role-based” certificates to identify the authorization rights for a user
![Page 12: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/12.jpg)
What is EDI?
Exchange of electronic data between companies using precisely defined transactions
Set of hardware, software, and standards that accommodate the EDI process
![Page 13: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/13.jpg)
Figure 11.2 Benefits of EDI
![Page 14: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/14.jpg)
Figure 11.3 Suppliers, manufacturers, and retailers cooperate in some of the most successful applications of EDI.
![Page 15: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/15.jpg)
Figure 11.4
![Page 16: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/16.jpg)
EDI on the Web
Advantages of Web EDI: lower cost, more familiar software, worldwide connectivity
Disadvantages of Web EDI: low speed, poor security
![Page 17: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/17.jpg)
The Importance of EDI
Need for timely, reliable data exchange in response to rapidly changing markets
Emergence of standards and guidelines
Spread of information into many organizational units
Greater reliability of information technology
Globalization of organizations
![Page 18: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/18.jpg)
Message authentication is concerned with:
protecting the integrity of a message
validating identity of originator
non-repudiation of origin (dispute resolution)
Three alternative functions used:
message encryption
message authentication code (MAC)
hash function
![Page 19: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/19.jpg)
Message encryption by itself also provides a measure of authentication
If symmetric encryption is used then:
receiver knows sender must have created it, since only sender and receiver know the key used
receiver knows content cannot have been altered
Provides both sender authentication and message authenticity.
Caveat: this argument assumes the receiver can tell legitimate plaintext from garbage. With a stream or counter mode, an attacker who knows part of the plaintext can flip ciphertext bits without the key and the altered message decrypts cleanly, so in practice a MAC is added to obtain integrity.
![Page 20: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/20.jpg)
If public-key encryption is used:
encryption provides no confidence of sender, since anyone potentially knows the public key
however, if sender signs message using his private key and then encrypts with recipient’s public key, have both secrecy and authentication
but at cost of two public-key uses on message
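The point above, worked through as an added example (not code from the slides): with encryption alone, anyone holding Bob's public key can produce a ciphertext that Bob decrypts happily, so the plaintext carries no evidence of who sent it; with sign-then-encrypt, Mallory's forgery fails verification under Alice's key, at the cost of two public-key operations per message. Textbook RSA with tiny hard-coded primes is used so the arithmetic stays readable; the primes, the names Alice/Bob/Mallory and the messages are constructed assumptions, and a real system would use 2048-bit or larger keys with OAEP/PSS padding from a library.

```python
"""Added example (not from the slides): why public-key encryption alone says
nothing about the sender, and what sign-then-encrypt adds.

Textbook RSA with tiny, hard-coded primes is used so the numbers stay readable;
those primes, the key names and the messages are constructed assumptions.
Real deployments use 2048-bit or larger keys with OAEP/PSS padding and a
library, never bare modular exponentiation like this.
"""
import hashlib

CHUNK = 3        # plaintext bytes per RSA block: 2**24 is below every modulus here
SIG_BYTES = 4    # every signature value fits in 32 bits for these toy moduli


def make_keypair(p: int, q: int, e: int = 65537):
    """Return (public, private) as (e, n) and (d, n)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)              # modular inverse (Python 3.8+)
    return (e, n), (d, n)


# Constructed key pairs; the primes are the consecutive primes just above 10000.
ALICE_PUB, ALICE_PRIV = make_keypair(10007, 10009)
BOB_PUB, BOB_PRIV = make_keypair(10037, 10039)
MALLORY_PUB, MALLORY_PRIV = make_keypair(10061, 10067)


def _pad(data: bytes) -> bytes:
    k = CHUNK - len(data) % CHUNK    # PKCS#7-style: always add 1..CHUNK bytes
    return data + bytes([k]) * k


def _unpad(data: bytes) -> bytes:
    return data[:-data[-1]]


def rsa_encrypt(data: bytes, pub) -> list:
    """Encrypt to the recipient's public key, one CHUNK-byte block at a time."""
    e, n = pub
    padded = _pad(data)
    return [pow(int.from_bytes(padded[i:i + CHUNK], "big"), e, n)
            for i in range(0, len(padded), CHUNK)]


def rsa_decrypt(blocks: list, priv) -> bytes:
    d, n = priv
    plain = b"".join(pow(c, d, n).to_bytes(CHUNK, "big") for c in blocks)
    return _unpad(plain)


def rsa_sign(msg: bytes, priv) -> int:
    """Sign the SHA-256 hash of the message with the sender's private key."""
    d, n = priv
    h = int.from_bytes(hashlib.sha256(msg).digest(), "big") % n
    return pow(h, d, n)


def rsa_verify(msg: bytes, sig: int, pub) -> bool:
    e, n = pub
    h = int.from_bytes(hashlib.sha256(msg).digest(), "big") % n
    return pow(sig, e, n) == h


# --- Encrypt only: anyone holding Bob's public key can produce this ----------
def send_encrypt_only(msg: bytes, recipient_pub) -> list:
    return rsa_encrypt(msg, recipient_pub)


def receive_encrypt_only(blocks: list, recipient_priv) -> bytes:
    # Bob gets a plaintext but has nothing that ties it to a particular sender.
    return rsa_decrypt(blocks, recipient_priv)


# --- Sign then encrypt: two public-key operations per message ---------------
def send_signed(msg: bytes, sender_priv, recipient_pub) -> list:
    sig = rsa_sign(msg, sender_priv)                                  # operation 1
    return rsa_encrypt(msg + sig.to_bytes(SIG_BYTES, "big"), recipient_pub)  # operation 2


def receive_signed(blocks: list, recipient_priv, expected_sender_pub):
    """Return (message, signature_ok); a forged or wrong-key signature gives False."""
    payload = rsa_decrypt(blocks, recipient_priv)
    msg, sig = payload[:-SIG_BYTES], int.from_bytes(payload[-SIG_BYTES:], "big")
    return msg, rsa_verify(msg, sig, expected_sender_pub)


if __name__ == "__main__":
    order = b"Ship 100 units to Mallory"
    # Mallory impersonates Alice with encryption alone: Bob cannot tell.
    print(receive_encrypt_only(send_encrypt_only(order, BOB_PUB), BOB_PRIV))
    # With sign-then-encrypt, Mallory's signature fails under Alice's public key.
    print(receive_signed(send_signed(order, MALLORY_PRIV, BOB_PUB), BOB_PRIV, ALICE_PUB))
    print(receive_signed(send_signed(order, ALICE_PRIV, BOB_PUB), BOB_PRIV, ALICE_PUB))
```

Bob verifies against the public key he expects the sender to hold; the decision of which key that is (and whether it is genuine) is exactly what the PKI and Certificate Authority slides earlier are about.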
![Page 21: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/21.jpg)
A MAC is a small fixed-size block of data:
depends on both message and a secret key
like encryption, though need not be reversible
Appended to message as a signature
Receiver performs same computation on message and checks it matches the MAC
Provides assurance that message is unaltered and comes from sender
![Page 22: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/22.jpg)
MAC provides authentication; message can be encrypted for secrecy
generally use separate keys for each
can compute MAC either before or after encryption; computing it before (MAC-then-encrypt) was long regarded as better, but encrypt-then-MAC, with the MAC taken over the ciphertext, is now the generally recommended order because the receiver can reject a forged or altered ciphertext before decrypting anything
why use a MAC? sometimes only authentication is needed
sometimes need authentication to persist longer than the encryption (e.g., archival use)
note that a MAC is not a digital signature
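An added example (not code from the slides) that serves both the encryption-only argument earlier and the MAC ordering note above: a toy stream cipher (keystream = SHA-256 over key, nonce and counter, standing in for a real mode such as AES-CTR, which is malleable in the same way) lets an attacker who knows the order format change the amount without the key, and the receiver decrypts the altered record cleanly. Wrapping the ciphertext in an HMAC under a separate key, and checking the tag before decrypting, makes the same bit flips fail. Keys, nonce and the order record are constructed values.

```python
"""Added example (not from the slides): symmetric encryption alone does not
prove a message was not altered, and encrypt-then-MAC fixes that.

The cipher is a toy stream cipher whose keystream is SHA-256 over
key || nonce || counter; it stands in for a real cipher mode such as AES-CTR,
which is malleable in exactly the same way. Keys, nonce and the order record
are constructed test values.
"""
import hashlib
import hmac

ENC_KEY = b"enc-key-constructed-for-demo-123"   # constructed; separate from the MAC key
MAC_KEY = b"mac-key-constructed-for-demo-456"
NONCE = b"\x00" * 16                            # constructed; never reuse with a real cipher
TAG_LEN = 32


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def stream_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR with the keystream; decryption is the same operation."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))


stream_decrypt = stream_encrypt


def tamper(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """Attacker's move: knowing the plaintext bytes at `offset` (a fixed order
    format), flip exactly the bits that turn `old` into `new`. No key needed."""
    ct = bytearray(ciphertext)
    for i, (o, n) in enumerate(zip(old, new)):
        ct[offset + i] ^= o ^ n
    return bytes(ct)


def encrypt_then_mac(enc_key: bytes, mac_key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt, then MAC the nonce and ciphertext under a separate key."""
    ct = stream_encrypt(enc_key, nonce, data)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def verify_then_decrypt(enc_key: bytes, mac_key: bytes, packet: bytes):
    """Check the tag first; only a packet with a valid tag is ever decrypted."""
    nonce, ct, tag = packet[:16], packet[16:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        return None
    return stream_decrypt(enc_key, nonce, ct)


def demo():
    order = b"order=4711;amount=0100;to=alice"
    offset = order.index(b"amount=") + len(b"amount=")

    # 1. Encryption only: the receiver decrypts the altered record without complaint.
    ct = stream_encrypt(ENC_KEY, NONCE, order)
    forged = tamper(ct, offset, b"0100", b"9100")
    accepted = stream_decrypt(ENC_KEY, NONCE, forged)

    # 2. Encrypt-then-MAC: the same bit flips invalidate the tag.
    packet = encrypt_then_mac(ENC_KEY, MAC_KEY, NONCE, order)
    body = tamper(packet[16:-TAG_LEN], offset, b"0100", b"9100")
    rejected = verify_then_decrypt(ENC_KEY, MAC_KEY, packet[:16] + body + packet[-TAG_LEN:])
    return accepted, rejected


if __name__ == "__main__":
    print(demo())   # (b'order=4711;amount=9100;to=alice', None)
```

The tag is computed over the nonce as well as the ciphertext so that a replayed ciphertext under a different nonce is rejected too; a MAC over the plaintext only (MAC-then-encrypt) would force the receiver to decrypt attacker-controlled bytes before it could decide anything.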
![Page 23: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/23.jpg)
A hash function is like a MAC: condenses arbitrary message to fixed size, h = H(M)
usually assume that the hash function is public and not keyed; note that a MAC is keyed
hash used to detect changes to message
can use in various ways with message, most often to create a digital signature
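The MAC and hash-function slides above, side by side as an added example (not code from the slides): an appended unkeyed hash catches a flipped bit but not an attacker, who simply recomputes it; a keyed MAC defeats that attacker; and, because the receiver holds the same key, a MAC still cannot prove to a third party who created the message, which is the "a MAC is not a digital signature" point. The shared key and messages are constructed values.

```python
"""Added example (not from the slides): an unkeyed hash appended to a message,
a keyed MAC, and what each does and does not prove. The shared key and the
messages are constructed values.
"""
import hashlib
import hmac

SHARED_KEY = b"shop-and-bank-shared-key"   # constructed; held by both the shop and the bank
DIGEST_LEN = 32


def hash_protect(msg: bytes) -> bytes:
    """Message followed by its unkeyed digest, h = H(M)."""
    return msg + hashlib.sha256(msg).digest()


def hash_check(packet: bytes):
    """Return the message if the digest matches, else None."""
    msg, digest = packet[:-DIGEST_LEN], packet[-DIGEST_LEN:]
    return msg if hashlib.sha256(msg).digest() == digest else None


def mac_protect(msg: bytes, key: bytes) -> bytes:
    """Message followed by HMAC-SHA256 under the shared key."""
    return msg + hmac.new(key, msg, hashlib.sha256).digest()


def mac_check(packet: bytes, key: bytes):
    msg, tag = packet[:-DIGEST_LEN], packet[-DIGEST_LEN:]
    expected = hmac.new(key, msg, hashlib.sha256).digest()
    return msg if hmac.compare_digest(expected, tag) else None


def attacker_rewrite_hash(packet: bytes, new_msg: bytes) -> bytes:
    """The hash is public and unkeyed, so the attacker simply recomputes it."""
    return hash_protect(new_msg)


def attacker_rewrite_mac(packet: bytes, new_msg: bytes) -> bytes:
    """Without the key the attacker cannot recompute the tag; the best it can
    do is reuse the captured tag, which no longer matches the new message."""
    return new_msg + packet[-DIGEST_LEN:]


def receiver_forgery(msg: bytes) -> bytes:
    """Why a MAC is not a signature: the receiver holds the same key, so it can
    produce a valid tag on a message the sender never sent. A third party
    cannot tell the two apart, so a MAC settles no dispute about origin."""
    return mac_protect(msg, SHARED_KEY)


def corrupt(packet: bytes, index: int) -> bytes:
    """Flip one bit at `index` (a transmission error or a crude tamper)."""
    data = bytearray(packet)
    data[index] ^= 0x01
    return bytes(data)
```

Non-repudiation needs a value only the sender could have produced, which is what signing the hash with a private key (previous example) provides and a shared-key MAC by construction cannot.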
![Page 24: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/24.jpg)
![Page 25: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/25.jpg)
Spyware
Adware
Embedded Programs
Trojan Horse
Browser Hijackers
Dialers
Malware
![Page 26: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/26.jpg)
Profit
A challenge
Malice
Boredom
Business
![Page 27: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/27.jpg)
Computer is running slower than normal
Popups (on or off the internet)
New toolbars
Home page changes
Search results look different
Error messages when accessing the web
![Page 28: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/28.jpg)
![Page 29: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/29.jpg)
![Page 30: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/30.jpg)
![Page 31: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/31.jpg)
![Page 32: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/32.jpg)
![Page 33: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/33.jpg)
![Page 34: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/34.jpg)
![Page 35: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/35.jpg)
![Page 36: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/36.jpg)
Be conscious of what you are clicking on/downloading
Some pop-ups have what appears to be a close button, but will actually try to install spyware when you click on it. Always look for the topmost right red X.
Remember that things on the internet are rarely free. “Free” Screensavers etc. generally contain ads or worse that pay the programmer for their time.
![Page 37: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/37.jpg)
Download.com – All programs are adware/spyware free
Freesaver.com – Screensavers from this site are safe DO NOT click on ads
KFOR or News9 Cleansoftware.org
![Page 38: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/38.jpg)
Sits between two networks Used to protect one from the other Places a bottleneck between the networks
All communications must pass through the bottleneck – this gives us a single point of control
![Page 39: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/39.jpg)
Packet Filtering
Rejects TCP/IP packets from unauthorized hosts and/or connection attempts by unauthorized hosts
Network Address Translation (NAT)
Translates the addresses of internal hosts so as to hide them from the outside world
Also known as IP masquerading
Proxy Services
Makes high-level, application-level connections to external hosts on behalf of internal hosts, to completely break the network connection between internal and external hosts
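The packet-filtering and NAT functions above as a small rule engine, added here as an example (not code from the slides): a first-match rule list with default deny for packets arriving on the outside interface, and an IP-masquerading table that rewrites outbound flows to the firewall's public address and lets in only replies to a known mapping. Addresses, ports and the policy are constructed for a hypothetical shop with one public web server and one admin host; a real firewall also tracks connection state, which this omits.

```python
"""Added example (not from the slides): the packet-filtering and NAT functions
of a firewall as a small rule engine. The addresses, ports and rule set are
constructed for a hypothetical shop with one public web server and one admin
host; real firewalls also track connection state, which this omits.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str            # "tcp" or "udp"


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    src: str              # CIDR
    dst: str              # CIDR
    proto: str            # "tcp", "udp" or "any"
    dport: Optional[int]  # None matches every destination port

    def matches(self, pkt: Packet) -> bool:
        return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", pkt.proto)
                and self.dport in (None, pkt.dport))


# Constructed policy for the outside interface: first match wins, unmatched is denied.
RULES = [
    Rule("deny",  "10.0.0.0/8",      "0.0.0.0/0",       "any", None),  # private source from outside = spoofed
    Rule("allow", "0.0.0.0/0",       "203.0.113.10/32", "tcp", 443),   # public web shop (HTTPS)
    Rule("allow", "0.0.0.0/0",       "203.0.113.10/32", "tcp", 80),    # redirect-to-HTTPS only
    Rule("allow", "198.51.100.0/24", "203.0.113.20/32", "tcp", 22),    # SSH to admin host from the office only
]


def filter_packet(pkt: Packet, rules=RULES) -> str:
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"         # default deny: the bottleneck passes only what is listed


class Masquerade:
    """IP masquerading: outbound flows are rewritten to the firewall's public
    address and a fresh port; only replies to a known mapping get back in."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.table = {}   # (inside ip, inside port, dst ip, dst port) -> public port

    def outbound(self, src: str, sport: int, dst: str, dport: int):
        key = (src, sport, dst, dport)
        if key not in self.table:
            self.table[key] = self.next_port
            self.next_port += 1
        return (self.public_ip, self.table[key], dst, dport)

    def inbound(self, src: str, sport: int, dst: str, dport: int):
        if dst != self.public_ip:
            return None
        for (in_ip, in_port, out_dst, out_dport), pub_port in self.table.items():
            if (out_dst, out_dport, pub_port) == (src, sport, dport):
                return (src, sport, in_ip, in_port)
        return None       # unsolicited: no mapping exists, so the packet is dropped
```

Rule order matters: the spoof rule sits first so that a packet claiming an internal source can never reach an allow rule, and the absence of any catch-all allow is what makes the filter a bottleneck rather than a sieve.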
![Page 40: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/40.jpg)
Encrypted Authentication
Allows users on the external network to authenticate to the Firewall to gain access to the private network
Virtual Private Networking
Establishes a secure connection between two private networks over a public network
This allows the use of the Internet as a connection medium rather than the use of an expensive leased line
![Page 41: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/41.jpg)
Virus Scanning
Searches incoming data streams for virus signatures so they may be blocked
Done by subscription to stay current
McAfee / Norton
Content Filtering
Allows the blocking of internal users from certain types of content
Usually an add-on to a proxy server
Usually a separate subscription service, as it is too hard and time consuming to keep current
![Page 42: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/42.jpg)
Part of an overall Firewall strategy
Sits between the local network and the external network
Originally used primarily as a caching strategy to minimize outgoing URL requests and increase perceived browser performance
Primary mission is now to ensure anonymity of internal users
Still used for caching of frequently requested files
Also used for content filtering
Acts as a go-between, submitting your requests to the external network
Requests are translated from your IP address to the Proxy’s IP address
E-mail addresses of internal users are removed from request headers
Causes an actual break in the flow of communications
![Page 43: E-Commerce_(Unit_5).ppt](https://reader035.vdocuments.mx/reader035/viewer/2022062512/552a040a4a795904778b465f/html5/thumbnails/43.jpg)
Terminates the TCP connection before relaying to target host (in and out)
Hide internal clients from external network
Blocking of dangerous URLs
Filter dangerous content
Check consistency of retrieved content
Eliminate need for transport layer routing between networks
Single point of access, control and logging
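The request-side work of the application-level proxy described in the two slides above, as an added example (not code from the slides) written as pure functions so it runs offline: the proxy re-issues the request under its own identity, dropping headers that identify the internal user (the old HTTP From header carried an e-mail address), refuses URLs on a deny list or with an unsupported scheme, and checks a fetched response for consistency (declared Content-Length against the actual body) before relaying it. The deny list, header set, proxy name and sample requests are constructed; a real proxy also handles CONNECT, chunked bodies and many more checks.

```python
"""Added example (not from the slides): the request-side work of an
application-level (HTTP) proxy, as pure functions so it runs offline.
The deny list, header set, proxy name and sample requests are constructed
values; a real proxy also handles CONNECT, chunked bodies and more checks.
"""
from urllib.parse import urlsplit

BLOCKED_HOSTS = {"malware.example", "phish.example"}                 # constructed deny list
STRIPPED_HEADERS = {"from", "x-forwarded-for", "forwarded", "via"}   # identify the internal user
ALLOWED_SCHEMES = {"http"}     # this toy proxy relays plain HTTP requests only
PROXY_NAME = "1.1 shop-proxy"  # constructed; announced in the outgoing Via header


def rewrite_request(raw: bytes):
    """Return ("forward", outgoing_request_bytes) or ("block", reason)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    try:
        method, target, version = lines[0].split(" ")
    except ValueError:
        return "block", "malformed request line"
    url = urlsplit(target)     # a proxy receives an absolute URL as the target
    if url.scheme not in ALLOWED_SCHEMES or not url.hostname:
        return "block", "unsupported or relative URL"
    if url.hostname.lower() in BLOCKED_HOSTS:
        return "block", "host on deny list"

    query = "?" + url.query if url.query else ""
    kept = [f"{method} {url.path or '/'}{query} {version}", f"Host: {url.netloc}"]
    for line in lines[1:]:
        name = line.partition(":")[0].strip().lower()
        if name in STRIPPED_HEADERS or name == "host":
            continue           # the origin server sees the proxy, not the client
        kept.append(line)
    kept.append(f"Via: {PROXY_NAME}")   # standard marker that a proxy relayed this
    return "forward", "\r\n".join(kept).encode("latin-1") + b"\r\n\r\n" + body


def response_is_consistent(raw: bytes) -> bool:
    """Relay only responses whose declared Content-Length matches the body;
    a mismatch means truncation or smuggled data, and either is dropped."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        return False
    declared = None
    for line in head.decode("latin-1").split("\r\n")[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "content-length":
            try:
                declared = int(value.strip())
            except ValueError:
                return False
    return declared is not None and declared == len(body)


if __name__ == "__main__":
    # Constructed request from an internal user, as it would reach the proxy.
    sample = (b"GET http://shop.example/cart?id=7 HTTP/1.1\r\n"
              b"Host: shop.example\r\n"
              b"From: alice@internal.example\r\n"
              b"X-Forwarded-For: 10.0.0.5\r\n"
              b"User-Agent: demo\r\n\r\n")
    print(rewrite_request(sample))
    print(rewrite_request(b"GET http://malware.example/x HTTP/1.1\r\n\r\n"))
    print(response_is_consistent(b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello"))
```

Because the proxy opens its own TCP connection to the origin and builds the outgoing request from scratch, nothing the internal client put on the wire reaches the outside unless the proxy copies it; that rebuilt request is the "actual break in the flow of communications" the slide refers to.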