Security on the Internet
-
8/2/2019 Security on the Internet
1/30
The authenticity of the identity of both parties
Authenticity means knowing that the participant in the negotiation is who they claim to be and has not been impersonated by someone else.
If we are negotiating with an impostor, we might disclose important information, which may cause serious losses.
How can we judge whether a document really comes from the party it claims to come from?
-
The secrecy of information exchange
In the process of negotiation, a tremendous amount of information is exchanged, which usually includes the names, prices and quality of the commodities, as well as the time and place of the commodity exchange. All such information has great value and needs to be protected.
If the information is divulged to competitors, they are likely to take advantage of what they know so as to cause tremendous losses to the negotiator.
Thus it is of great importance to keep the crucial information confidential.
-
The integrity of information
How can the receiving party make sure that the information received is the complete message sent by the other party, and that the message was not replaced by a faked message while in transit?
-
Non-repudiation
If one party wants to invalidate a contract that has already been signed because of adverse market conditions, one of the choices it may make is to deny the authenticity of the agreement.
Issues like these are also very important problems encountered in the e-commerce process.
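The three properties just introduced (authenticity, integrity and non-repudiation) are what a digital signature provides. The following is an added example, not part of the slides: a toy RSA signature over a SHA-256 digest, with a shared-key HMAC beside it to show why a MAC gives authenticity and integrity but not non-repudiation. The key pairs, the contract text and the shared key are constructed for illustration; the RSA here is textbook (no padding, tiny Mersenne-prime moduli that are trivially factorable), so it demonstrates the idea and nothing more.

```python
"""Added example (not from the slides): authenticity, integrity and
non-repudiation demonstrated with a toy RSA signature over a SHA-256 digest,
plus a shared-key HMAC for contrast. All keys and messages are constructed;
the RSA is unpadded textbook RSA with deliberately tiny, factorable moduli."""
import hashlib
import hmac
from dataclasses import dataclass


@dataclass(frozen=True)
class KeyPair:
    n: int  # public modulus
    e: int  # public exponent
    d: int  # private exponent, known only to the key's owner


def make_toy_keypair(p: int, q: int, e: int = 65537) -> KeyPair:
    # Textbook RSA key setup from two supplied primes (nothing is generated).
    return KeyPair(n=p * q, e=e, d=pow(e, -1, (p - 1) * (q - 1)))


# Constructed key pairs from Mersenne primes so the numbers stay readable.
# A real modulus is ~2048 bits from random primes; these are trivially factorable.
SELLER = make_toy_keypair((1 << 61) - 1, (1 << 89) - 1)
STRANGER = make_toy_keypair((1 << 107) - 1, (1 << 127) - 1)


def digest(message: bytes, n: int) -> int:
    """Integrity: any change to the message changes this value."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, key: KeyPair) -> int:
    """Only the holder of key.d can produce this value for the message."""
    return pow(digest(message, key.n), key.d, key.n)


def verify(message: bytes, signature: int, n: int, e: int) -> bool:
    """Anyone holding the public (n, e) can check the signature. A mismatch
    means the message was altered (integrity) or signed by some other key
    (authenticity)."""
    return pow(signature, e, n) == digest(message, n)


def mac(message: bytes, shared_key: bytes) -> str:
    """Shared-key HMAC: proves the message came from someone holding the key,
    but both parties hold it, so neither can prove to a third party which of
    them produced the tag."""
    return hmac.new(shared_key, message, hashlib.sha256).hexdigest()


def demo() -> dict:
    contract = b"Sell 100 units at 42.00 per unit, deliver 2019-08-15 to warehouse B"
    sig = sign(contract, SELLER)
    results = {
        # authenticity + integrity: the seller's public key accepts the contract
        "genuine": verify(contract, sig, SELLER.n, SELLER.e),
        # integrity: a single changed digit is detected
        "tampered": verify(contract.replace(b"42.00", b"41.00"), sig, SELLER.n, SELLER.e),
        # authenticity: a stranger's key cannot make a signature the seller's key accepts
        "forged": verify(contract, sign(contract, STRANGER), SELLER.n, SELLER.e),
    }
    # non-repudiation: the seller cannot later deny the contract, because nobody
    # else holds SELLER.d. With a MAC the buyer could have produced the very same tag.
    shared = b"constructed-shared-key"
    results["mac_indistinguishable"] = hmac.compare_digest(
        mac(contract, shared), mac(contract, shared)
    )
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The HMAC result is the point of the contrast: a tag computed by the buyer is byte-for-byte identical to one computed by the seller, so a MAC can never settle a later dispute about who signed. A real deployment would use a padded signature scheme (RSA-PSS or an elliptic-curve scheme) with properly generated keys rather than the toy numbers above.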
-
Privacy protection problem
In the traditional commercial process, when we go shopping, we check the commodity and pay for it in person. The vendor does not know who we are. In the e-shopping process, however, registration is required all the time, which may reveal a lot of private information such as gender, age, occupation, income, ID number and credit card number.
But how can we know that our private information is protected rather than used illegally?
-
The security problems originating from the Internet itself
The Internet is a free and open world, which enables global information exchange. On the other hand, it provides a convenient way to gather and distribute private data.
Secondly, the diversity of Internet users is also a threat to security. Since information is transmitted online via routers, and users cannot know which routers are involved in the process, it is possible that someone will be able to view the user's information by scanning and tracking the data.
So any online data can potentially be eavesdropped on.
-
INTENTIONAL E-COMMERCE THREATS
Computer viruses
Trojan horses
Logic bombs
Trap doors
Denial-of-access attacks
-
COMPUTER VIRUSES
A computer virus is a series of self-propagating program codes triggered by a specified time or event within the computer system.
When the program or the operating system containing the virus is used again, the virus attaches itself to other files and the cycle continues.
The seriousness of computer viruses varies, ranging from playing a joke on a user to completely destroying computer programs and data.
-
COMPUTER VIRUSES
Computer viruses can also be transmitted through a network.
Probably the most dangerous type of virus comes from bulletin boards; this type of virus can infect any system that accesses the bulletin board.
Bulletin boards are computer systems to which different individuals can post messages or computer programs that can be downloaded by others.
-
COMPUTER WORM
A worm is similar to a computer virus.
It is called a worm because it travels like a worm from one computer in a network to another computer or site.
A worm usually does not erase data. It either corrupts data or copies itself into a full-blown version that eats up computing resources. Eventually it brings the computer and/or network to a halt.
-
TROJAN HORSE
A Trojan horse program contains code intended to disrupt a computer system and/or an e-commerce site.
Trojan horse programs are usually hidden inside a popular, useful program.
These programs may erase accounting, personnel, and financial data.
Unlike computer viruses and worms, a Trojan horse program does not replicate itself.
Although a Trojan horse program functions differently from viruses and worms, the end results are basically the same: damage to, and interruption of, the computer and/or network system.
-
LOGIC BOMBS
A logic bomb is a type of Trojan horse used to release a virus, a worm, or some other destructive code.
Logic bombs are triggered at a certain point in time or by an event or an action performed by a user.
An action can be pressing certain keystrokes or running a specific program. An event may be loading a backup tape or the birthday of a famous person.
-
TRAP DOORS
A trap door (also called a back door) is a routine built into a system by its designer or programmer.
This routine allows the designer or the programmer to sneak back into the system to access software or specific programs.
A trap door is usually activated by the individual (or his or her agent) who designed the system.
Usually the user is not aware of the problem; a keystroke combination or a specific login may set it off.
-
DENIAL-OF-ACCESS ATTACKS
A denial-of-service attack is a method hackers and crackers use to prevent or deny legitimate users access to a computer or web server.
Just imagine 5,000 or more people surrounding a department store and blocking everybody who wants to enter the store.
Although the store is open, it cannot provide service to its legitimate customers.
-
DENIAL-OF-ACCESS ATTACKS
These computer criminals use tools that send many requests to a targeted Internet server (usually the web, file transfer protocol, or mail server), which floods the server's resources, making the system unusable.
Any system connected to the Internet running Transmission Control Protocol services is subject to attack.
-
DENIAL-OF-ACCESS ATTACKS
Just imagine continuous phone calls to a traditional store.
As soon as the store clerk picks up the phone, he or she finds out that it is a prank call. If this process continues, it prevents the store's legitimate customers from getting hold of the store operator and using the store's services or products.
This is similar to a denial-of-service attack.
-
DENIAL-OF-ACCESS ATTACKS
These assaults are of a type known as distributed denial-of-service attacks, in which a web site is bombarded with thousands of requests for information in a very short period of time, causing it to grind to a halt.
The attacks usually come from several computers on the Web, which makes them difficult to trace.
-
DENIAL-OF-ACCESS ATTACKS
A hacker secretly plants denial-of-access attack tools on several computers on the Web.
These computers can be centrally controlled.
The methods of how and what resources are flooded differ based on the tools used by the hackers.
It is nearly impossible to trace the attack, particularly if the attacks come from several sites.
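Seen from the server's side, the two flood shapes described on these slides look different in the logs: one loud source, or many sources that each stay quiet but add up to more than the server can handle. The following added example (not from the slides) shows a small detector that catches both. The log format, the addresses (taken from the documentation ranges) and the thresholds are constructed assumptions for this illustration.

```python
"""Added example (not from the slides): a defender-side flood detector for the
two patterns the slides describe: one source sending many requests, and a
distributed flood in which many sources each send only a few. Log lines,
addresses and thresholds are all constructed for illustration."""
from collections import Counter, defaultdict


def parse_line(line: str):
    """Constructed log format: '<unix_time> <source_ip> <request_path>'."""
    ts, ip, path = line.split(maxsplit=2)
    return int(ts), ip, path


def detect_floods(lines, window=1, per_source_limit=20, capacity=100):
    """Return (noisy_sources, saturated_windows).

    noisy_sources: sources that exceeded per_source_limit requests in one window.
    saturated_windows: window start times where the total exceeded the server's
    capacity even though no single source stood out (the distributed case that
    per-source limits alone would miss).
    """
    per_window = defaultdict(Counter)  # window start -> Counter(source -> requests)
    for line in lines:
        ts, ip, _ = parse_line(line)
        per_window[ts - ts % window][ip] += 1

    noisy_sources = set()
    saturated_windows = []
    for start in sorted(per_window):
        counts = per_window[start]
        noisy_sources.update(ip for ip, n in counts.items() if n > per_source_limit)
        if sum(counts.values()) > capacity:
            saturated_windows.append(start)
    return noisy_sources, saturated_windows


def constructed_log():
    """Three seconds of constructed traffic using documentation address ranges."""
    lines = [f"1564732800 192.0.2.{10 + i} /index.html" for i in range(5)]  # normal
    lines += ["1564732801 198.51.100.7 /search?q=x"] * 50                # one loud source
    for i in range(40):                                                   # 40 quiet sources
        lines += [f"1564732802 203.0.113.{i} /checkout"] * 5
    return lines


if __name__ == "__main__":
    noisy, saturated = detect_floods(constructed_log())
    print("sources over the per-source limit:", sorted(noisy))
    print("windows over capacity:", saturated)
```

On the constructed log the single loud source is flagged in the second window, while the third window is reported as saturated although none of its forty sources crossed the per-source limit. That is the practical consequence of the slide's remark that the traffic comes from several computers: per-source blocking alone does not stop it, so capacity-based alarms and upstream filtering are needed as well.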
-
SECURITY MEASURES AND
ENFORCEMENTS FOR E-COMMERCE
Biometric securities
Non-biometric securities
Physical securities
Software securities
Electronic transactions securities
CERT
-
BIOMETRIC SECURITIES
Biometric security measures use elements from the human body to screen users.
These security measures rely on the concept that a unique part or characteristic of an individual cannot be stolen, lost, copied, or passed on to others.
Some of the drawbacks of biometrics are their relatively high cost, acceptance by users, and the relative difficulty of installation.
-
BIOMETRIC SECURITIES
Fingerprint: Whenever a user tries to access the system, his or her fingerprint is scanned and verified against the print stored in an electronic file. If there is a match, the access request is granted. If there is no match, access is rejected.
Hand geometry: Hand geometry measures the length of the fingers on both hands, the translucence of the fingertips, and the webbing between the fingers.
Palm-print: The individual characteristics of the palm are used to identify the user. Palm-prints are used by law-enforcement agencies to catch criminals.
Retinal scanning: Retinal scanning using a binocular eye camera is one of the most successful methods for security applications. The identity of the user is verified against data stored in a computer file.
-
BIOMETRIC SECURITIES
Signature analysis: Signature analysis uses the signature as well as the user's pattern, pressure deviation, acceleration, and the length of time needed to sign one's name.
Voice recognition: Voice recognition translates words into digital patterns for transmission to the server. Voice patterns are recorded and examined by tone, pitch, and so forth. This technique is relatively new, and research is ongoing. Using voice to verify user identity has one characteristic that most other biometric technologies cannot offer: voice recognition can work over long distances via ordinary telephones. A properly designed voice-based security system could provide major enhancements to the safety of financial transactions conducted over the telephone.
-
NONBIOMETRIC SECURITIES
Callback Modems: Using a callback modem, the system validates access by logging the user off and calling the user back. By doing this the system separates authorized users from unauthorized users.
-
NONBIOMETRIC SECURITIES
Callback Modems
Firewalls
Intrusion-Detection Systems
-
Firewalls
A firewall is a combination of hardware and software that serves as a gateway between the private network and the Internet.
Predefined access rights and scope of use are required, and all other requests are blocked.
An effective firewall should protect both the export and the import of data from and to the private network.
-
Firewalls
A firewall's protection is similar to a house with walls, windows, and doors.
The walls and doors of the house prevent unauthorized people from getting in, while the windows still allow those in the house to see outside.
-
Firewalls
If designed effectively, a firewall can look at every piece of data that passes into or out of a private network and decide whether to allow the passage based on the following:
User identification
Point of origin
Point of destination
The information contents
-
Firewalls
By careful examination of the packet that is trying to exit from or enter into the private network, a firewall can choose one of the following actions:
Reject the incoming packet
Send a warning to the network administrator
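The firewall slides list four decision inputs (user identification, point of origin, point of destination, information contents) and two actions (reject the packet, warn the administrator), with everything not explicitly permitted being blocked. The following is an added example, not from the slides: a minimal default-deny packet filter built on exactly those inputs and actions. The rule set, the private address range, the user names and the packets are constructed for this illustration.

```python
"""Added example (not from the slides): a minimal default-deny packet filter
that decides on the four inputs the slides list (user, origin, destination,
content) and takes the actions they list (allow, reject, or warn the network
administrator). Rules, addresses, users and packets are all constructed."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    user: str            # user identification ("" if unauthenticated)
    src: str             # point of origin
    dst: str             # point of destination
    dst_port: int
    payload: bytes = b""  # information contents


@dataclass(frozen=True)
class Rule:
    action: str                       # "allow", "reject" or "warn"
    users: frozenset = frozenset()    # empty means any user
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    ports: frozenset = frozenset()    # empty means any destination port
    forbidden_content: bytes = b""    # when set, rule matches only if payload contains it

    def matches(self, p: Packet) -> bool:
        return (
            (not self.users or p.user in self.users)
            and ip_address(p.src) in ip_network(self.src)
            and ip_address(p.dst) in ip_network(self.dst)
            and (not self.ports or p.dst_port in self.ports)
            and (not self.forbidden_content or self.forbidden_content in p.payload)
        )


PRIVATE_NET = "10.0.0.0/8"  # constructed: the private network behind the firewall

# First matching rule wins. A packet matching no rule is rejected, which is the
# "all other requests are blocked" policy from the slides.
RULES = [
    # export check: an inside host sending something tagged CONFIDENTIAL to the
    # outside is stopped and the administrator is warned
    Rule("warn", src=PRIVATE_NET, forbidden_content=b"CONFIDENTIAL"),
    # inbound web traffic from anywhere, but only to the public web server
    Rule("allow", dst="10.0.0.80/32", ports=frozenset({80, 443})),
    # inbound remote administration only for a named administrator, only to one host
    Rule("allow", users=frozenset({"alice"}), dst="10.0.0.5/32", ports=frozenset({22})),
    # outbound traffic from the private network to anywhere
    Rule("allow", src=PRIVATE_NET),
]


class Firewall:
    def __init__(self, rules):
        self.rules = rules
        self.alerts = []  # warnings queued for the network administrator

    def decide(self, p: Packet) -> str:
        for rule in self.rules:
            if rule.matches(p):
                if rule.action == "warn":
                    who = p.user or "anonymous"
                    self.alerts.append(f"{who} {p.src}->{p.dst}:{p.dst_port} matched content rule")
                return rule.action
        return "reject"  # default deny


if __name__ == "__main__":
    fw = Firewall(RULES)
    for pkt in [
        Packet("", "203.0.113.9", "10.0.0.80", 443),
        Packet("", "203.0.113.9", "10.0.0.5", 22),
        Packet("bob", "10.0.0.77", "198.51.100.1", 25, b"CONFIDENTIAL: price list"),
    ]:
        print(fw.decide(pkt), pkt)
    print(fw.alerts)
```

Two design points are worth noting. The default at the end of decide is "reject", not "allow", so forgetting a rule fails closed rather than open. And the "warn" action does not let the packet through; it stops it and records the event, which is how the slide's two listed actions (reject, and warn the administrator) combine in practice.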