final ppt ecommerce
E-COMMERCE
Heema Kumari
Priyanka Kumari
Manisha Kumari
Awanti Amrit
Digital certificate
A digital certificate (DC) is a digital file that certifies the identity of an individual or institution, or even a router seeking access to computer-based information. It is issued by a Certification Authority, and serves the same purpose as a driver’s license or a passport.
Just like a passport, a digital certificate provides identifying information, is forgery resistant and can be verified because it was issued by an official, trusted agency. The certificate contains the name of the certificate holder, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signatures) and the digital signature of the certificate-issuing authority (CA) so that a recipient can verify that the certificate is real. CAs can be banks, government agencies, etc.
Types of Digital Certificates
There are four main types of digital certificates:
1. Server Certificates
2. Personal Certificates
3. Organization Certificates
4. Developer Certificates
Certification Authority Functions:
Accept applications for certificates
Verify the identity of the person or organization applying for the certificate
Issue certificates
Revoke/Expire certificates
Provide status information about the certificates that it has issued
DIGITAL CERTIFICATES
SECURING E-COMMERCE NETWORKS
The selection and operation of technologies that ensure network security should be based on:
Defense in depth
Need-to-access basis
Policy of least privilege (POLP)
Policy of blocking access to network resources unless access is required to conduct business
Role-specific security
Monitoring
Patch management
Incident response team (IRT)
FIREWALLS
firewall
A single point between two or more networks where all traffic must pass (choke point); the device authenticates, controls, and logs all traffic
packet
Segment of data sent from one computer to another on a network
application-level proxy
A firewall that permits requests for Web pages to move from the public Internet to the private network
bastion gateway
A special hardware server that utilizes application-level proxy software to limit the types of requests that can be passed to an organization’s internal networks from the public Internet
Intrusion Detection Systems (IDSs)
A special category of software that can monitor activity across a network or on a host computer, watch for suspicious activity, and take automated action based on what it sees.
personal firewall
A network node designed to protect an individual user’s desktop system from the public network by monitoring all the traffic that passes through the computer’s network interface card.
virtual private network (VPN)
A network that uses the public Internet to carry information but remains private by using encryption to scramble the communications, authentication to ensure that information has not been tampered with, and access control to verify the identity of anyone using the network.
protocol tunneling
Method used to ensure confidentiality and integrity of data transmitted over the Internet, by encrypting data packets, sending them in packets across the Internet, and decrypting them at the destination address
proxies
Special software programs that run on the gateway server and pass repackaged packets from one network to the other
Demilitarized zone (DMZ)
Network area that sits between an organization’s internal network and an external network (Internet), providing physical isolation between the two networks that is controlled by rules enforced by a firewall
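The firewall choke point, the block-unless-required policy and the DMZ described above can be combined in one small model. This is an added example, not part of the original slides; the address plan, ports and rule set are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

# Constructed address plan (assumption): one DMZ subnet, one internal subnet.
ZONES = {
    "dmz": ipaddress.ip_network("192.0.2.0/24"),
    "internal": ipaddress.ip_network("10.0.0.0/8"),
}

def zone_of(addr):
    """Map an address to a zone; anything unlisted is the public Internet."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "internet"

@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    dst_port: int
    reason: str  # business need that justifies the access

# Allow-list only: each rule records why the access is required.
RULES = [
    Rule("internet", "dmz", 443, "customers reach the storefront over HTTPS"),
    Rule("dmz", "internal", 5432, "storefront queries the order database"),
    Rule("internal", "internet", 443, "staff browsing and patch downloads"),
]

def decide(src, dst, dst_port, log):
    """A matching rule allows; no match means deny. Every decision is logged."""
    sz, dz = zone_of(src), zone_of(dst)
    for rule in RULES:
        if (rule.src_zone, rule.dst_zone, rule.dst_port) == (sz, dz, dst_port):
            log.append(("ALLOW", src, dst, dst_port, rule.reason))
            return True
    log.append(("DENY", src, dst, dst_port, f"no rule for {sz}->{dz}:{dst_port}"))
    return False

if __name__ == "__main__":
    audit = []
    decide("203.0.113.7", "192.0.2.10", 443, audit)  # Internet -> DMZ web server
    decide("203.0.113.7", "10.1.2.3", 5432, audit)   # Internet -> internal DB
    decide("192.0.2.10", "10.1.2.3", 5432, audit)    # DMZ -> internal DB
    for entry in audit:
        print(entry)
```

The Internet host never reaches the internal database directly; only the DMZ server does, and only on the one port its rule names.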
SECURING ECOMMERCE NETWORKS DIAGRAM
SECURING PROTOCOLS
HTTPS
SSL
VPN
IDS
FIREWALLS
PUBLIC KEY INFRASTRUCTURE
Hyper Text transfer protocols
HTTPS is the Hyper-Text Transfer Protocol with SSL Encryption. It is the most popular network protocol for establishing secure connections for exchanging documents on the World-Wide Web. It is basically HTTP carried over a TCP socket, which has been secured using SSL.
Developed by Commerce Net Consortium
Extension to HTTP that provides numerous security features
Client and server authentication
Spontaneous encryption
Request/response non repudiation
Provides symmetric and public-key encryption, and message digests (summaries of messages as integers)
Whereas SSL is designed to establish a secure connection between two computers, S-HTTP is designed to send individual messages securely.
HTTP messages contain two parts: the header and the body of the message. The header contains instructions to the recipients (browser and server) on how to process the message’s body.
During the transfer transaction, both the client browser and the server use the information contained in the HTTP header to negotiate the formats they will use to transfer the requested information.
The S-HTTP protocol extends this negotiation between the client browser and the server to include the negotiation for security matters. Hence S-HTTP uses additional headers for message encryption, digital certificates and authentication in the HTTP format which contains additional instructions on how to decrypt the message body.
Secure Sockets Layer
SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client—typically a web server (website) and a browser; or a mail server and a mail client (e.g., Outlook).
It is used by most companies to provide security and privacy, and it establishes a secure session between a browser and a server.
A channel is the two-way communication stream established between the browser and the server, and the definition of channel security indicates three basic requirements:
The channel is reliable.
The channel is private.
The channel is authenticated.
Secure Sockets Layer
This encryption is preceded by a ‘data handshake’ and has two major stages:
The first stage is used to establish private communication, and uses the key-agreement algorithm.
The second stage is used for client authentication.
Limitations of SSL:
While the possibility is very slight, successful cryptographic attacks made against these technologies can render SSL insecure.
A downside of both SSL protocols is that they require the use of cryptographic algorithms that place significant load on the computer systems involved in commerce transactions.
For the low and medium e-commerce applications, there is no additional server cost to support SSL.
ROLES OF SSL IN E-COMMERCE
To secure online credit card transactions.
To secure system logins and any sensitive information exchanged online.
To secure webmail and applications like Outlook Web Access, Exchange and Office Communications Server.
To secure the connection between an email client such as Microsoft Outlook and an email server such as Microsoft Exchange.
To secure the transfer of files over https services such as website owners updating new pages to their
To secure intranet based traffic such as internal networks, file sharing, extranets, and database connections.
To secure network logins and other network traffic with SSL VPNs such as VPN Access Servers or applications like the Citrix Access Gateway.
WHAT IS VPN?
Virtual Private Network is a type of private network that uses public telecommunication, such as the Internet, instead of leased lines to communicate.
Became popular as more employees worked in remote locations.
Roles of VPNs
Large-scale encryption between multiple fixed sites such as remote offices and central offices
Network traffic is sent over the branch office Internet connection
This saves the company hardware and management expenses
Intrusion Detection Systems (IDS)
IDS classification
Host-based IDS: monitor single host activity
Network-based IDS: monitor network traffic
Logical components:
Sensors
collect data from various sources such as log files, network packets
send them to the analyzer
Analyzers
process data from sensors and determine if intrusion has occurred
may also provide guidance for the actions to take
User interface
view the output and manage the behavior
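The three logical components above (sensor, analyzer, user interface) can be shown as a small host-based pipeline. This is an added example, not part of the original slides; the log format, the threshold of four failures in 60 seconds and the suggested actions are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in an sshd-like format (not from a real system).
SAMPLE_LOG = """\
2024-05-01T10:00:01 sshd Failed password for admin from 198.51.100.9
2024-05-01T10:00:03 sshd Failed password for admin from 198.51.100.9
2024-05-01T10:00:04 sshd Accepted password for alice from 10.0.0.5
2024-05-01T10:00:06 sshd Failed password for root from 198.51.100.9
2024-05-01T10:00:09 sshd Failed password for root from 198.51.100.9
2024-05-01T10:00:15 sshd Accepted password for root from 198.51.100.9
2024-05-01T10:07:00 sshd Failed password for bob from 10.0.0.8
-- MARK -- (a line the sensor cannot parse)
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) sshd (?P<result>Failed|Accepted) password "
                     r"for (?P<user>\S+) from (?P<src>\S+)$")

def sensor(raw):
    """Sensor: turn raw log lines into events; unparseable lines are dropped."""
    for line in raw.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield {"ts": datetime.fromisoformat(m["ts"]), "src": m["src"],
                   "user": m["user"], "ok": m["result"] == "Accepted"}

def analyzer(events, threshold=4, window=timedelta(seconds=60)):
    """Analyzer: flag bursts of failed logins and a later success from that source."""
    recent = defaultdict(deque)  # source -> timestamps of failures inside the window
    flagged, alerts = set(), []
    for ev in events:
        fails = recent[ev["src"]]
        while fails and ev["ts"] - fails[0] > window:
            fails.popleft()
        if not ev["ok"]:
            fails.append(ev["ts"])
            if len(fails) >= threshold and ev["src"] not in flagged:
                flagged.add(ev["src"])
                alerts.append(("brute-force", ev["src"], "block source, review accounts"))
        elif ev["src"] in flagged:  # success from a source already flagged
            alerts.append(("login-after-brute-force", ev["src"], f"lock account {ev['user']}"))
    return alerts

def user_interface(alerts):
    """User interface: render alerts, with the suggested action, for the operator."""
    return [f"[{kind}] {src}: {action}" for kind, src, action in alerts]
```

Calling `user_interface(analyzer(sensor(SAMPLE_LOG)))` yields two alerts for 198.51.100.9; the single failure from 10.0.0.8 stays below the threshold.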
IDS REQUIREMENT
run continually with minimal human supervision
be fault tolerant
resist subversion
minimal overhead on system
serve a large number of users
configured according to system security policies
allow dynamic reconfiguration
Firewall
A network node designed to protect an individual user’s desktop system from the public network by monitoring all the traffic that passes through the computer’s network interface card
Firewalls
A firewall is a barrier placed between the private network and the outside world.
All incoming and outgoing traffic must pass through it.
Can be used to separate address domains.
Control network traffic.
Cost: ranges from no-cost (available on the Internet) to $100,000 hardware/software system.
Types:
Router-Based
Host Based
Circuit Gateways
PUBLIC KEY INFRASTRUCTURE
A PKI (public key infrastructure) enables users of a basically unsecure public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.