Chapter 11: E-Commerce Security (第十一章 電子商務安全). Lecture slides by 侯永昌, Department of Information Management, Tamkang University (淡江大學資管系所).


Page 1

Chapter 11: E-Commerce Security (第十一章 電子商務安全)

Page 2

Learning Objectives

1. The current state of, and trends in, computer and network security
2. The information security issues that arise in e-commerce
3. Common methods of network attack
4. Common misconceptions in security management
5. Technologies commonly used to secure e-commerce data communications
6. Technologies commonly used to secure e-commerce web sites

Page 3

2005 CSI/FBI survey report (I)

• Nearly 50% of enterprises had experienced insider abuse of net access
• More than 30% had experienced unauthorized access to information by insiders, and denial of service (DoS) attacks
• Around 15% had experienced abuse of wireless networks, and system penetration by outsiders
• Around 10% had experienced financial and telecom fraud, and theft of proprietary information by outsiders
• Other forms of crime, such as sabotage of files, each accounted for a smaller share, around 5%

Page 4

2005 CSI/FBI survey report (II)

The economic losses these enterprises attributed to computer crime came to about US$130 million. The three largest items were:

• Computer viruses (about US$43 million)
• Unauthorized access to information by insiders (about US$31 million)
• Theft of proprietary information by outsiders (about US$31 million)

Together these three account for about 81% of total losses. Next come:

• Denial of service attacks (about US$7.3 million)
• Insider abuse of net access (about US$6.9 million)

The other categories of crime caused smaller losses, about US$10 million combined.

Page 5

2005 CSI/FBI survey report (III)

In the same report, 72% of respondents said they had suffered a computer crime attack in the past year; interestingly, though, the rate at which computer crime was reported to law enforcement fell year by year, from 38% in 2001 to 20% in 2005.

Why do so many victims prefer to suffer in silence and handle the aftermath themselves rather than make the incident public? The top four answers were:

• Fear of negative publicity for the company's image (43%)
• Fear that competitors would use the incident to their advantage (33%)
• A feeling that law enforcement does not take computer crime seriously (it gives priority to conventional crime) (16%)
• Fear of causing public unease (16%)

Page 6

2005 CSI/FBI survey report (IV): security solutions in use

• Antivirus software (100%)
• Firewalls (100%)
• Physical security, i.e. controlling physical access to servers (90%)
• Encrypted files and transmissions (65-70%)
• Access control lists (65-70%)
• Intrusion detection (65-70%)

Page 7

The Continuing Need for E-Commerce Security

• Computer Security Institute (CSI): nonprofit organization located in San Francisco, CA, dedicated to serving and training information, computer, and network security professionals
• Computer Emergency Response Team (CERT): group of three teams at Carnegie Mellon University that monitor the incidence of cyber attacks, analyze vulnerabilities, and provide guidance on protecting against attacks
• National Cyber Security Division (NCSD): a division of the DHS (Department of Homeland Security) charged with implementing the U.S. cyberspace security strategy

Page 8

Security Is Everyone's Business

The DHS (Department of Homeland Security) strategy includes five national priorities:

1. A national cyberspace security response system
2. A national cyberspace security threat and vulnerability reduction program
3. A national cyberspace security awareness and training program
4. Securing governments' cyberspace
5. National security and international security cooperation

Page 9

Security Is Everyone's Business

Accomplishing these priorities requires concerted effort at five levels:

• Level 1: the home user/small business
• Level 2: large enterprises
• Level 3: critical sectors/infrastructure
• Level 4: national issues and vulnerabilities
• Level 5: global

Page 10

What Kinds of Security Questions Arise?

From the user's perspective:

• How can the user be sure that the Web server is owned and operated by a legitimate company?
• How does the user know that the Web page and form do not contain malicious or dangerous code or content?
• How does the user know that the owner of the Web site will not distribute the information the user provides to some other party?

Page 11

What Kinds of Security Questions Arise?

From the company's perspective:

• How does the company know the user will not attempt to break into the Web server or alter the pages and content at the site?
• How does the company know that the user will not try to disrupt the server so that it is not available to others?

Page 12

What Kinds of Security Questions Arise?

From both parties' perspectives:

• How do both parties know that the network connection is free from eavesdropping by a third party "listening" on the line?
• How do they know that the information sent back and forth between the server and the user's browser has not been altered?

Page 13

Basic Security Issues (I)

Authentication: the process by which one entity verifies that another entity is who he, she, or it claims to be. Authenticators fall into three factors:
  • Something known: e.g. a password
  • Something possessed: e.g. a smart card
  • Something one is (a characteristic unique to the person): e.g. a fingerprint or a handwritten signature

Authorization: the process that ensures that a person has the right to access certain resources
  • Done by comparing the requester's identity and attributes with the access control information associated with the resource being accessed

Page 14

Basic Security Issues (II)

Auditing: the process of collecting information about attempts to access particular resources, use particular privileges, or perform other security actions
  • Log files

Confidentiality (privacy): information that is private or sensitive should not be disclosed to unauthorized individuals, systems, or software processes
  • Encryption

Page 15

Basic Security Issues (III)

Integrity: protecting data from being altered or destroyed in an unauthorized or accidental manner
  • Message digests, message authentication codes and digital signatures detect alteration; encryption in transit (e.g. TLS) protects integrity only because it carries such an integrity check alongside the encryption

Availability: ensuring that data and services are available when needed
  • Load-balancing hardware and software, redundant systems, and defenses against denial-of-service attacks

Page 16

Basic Security Issues (IV)

Non-repudiation: the ability to limit parties from refuting that a legitimate transaction took place
  • Digital signatures

Page 17

General Security Issues at EC Sites (figure; only the label "Availability" survived extraction)

Page 18

Attacks

Page 19

Nontechnical Attacks

An attack that uses chicanery to trick people into revealing sensitive information or performing actions that compromise the security of a network.

Social engineering: a type of nontechnical attack that uses social pressures to trick computer users into compromising the computer networks to which those individuals have access. It exploits:
  • An individual's desire to help
  • An individual's fear of getting into trouble
  • The general trust among individuals

Page 20

Nontechnical Attacks

"You try to make an emotional connection with the person on the other side to create a sense of trust and then exploit it"

Because the key to successful social engineering rests with the victims, the key to combating social engineering attacks also rests with the victims.

A multipronged approach should be used to combat social engineering:
  • Education and training
  • Policies and procedures
  • Penetration testing

Page 21

Technical Attacks

An attack perpetrated using software and systems knowledge or expertise, for example:
  • Distributed denial-of-service (DDoS) attacks
  • Malicious code attacks

A vulnerability is a mistake that can be directly used by a hacker to gain access to a system or network.

An exposure is a mistake in software that allows access to information or capabilities that a hacker can use as a stepping-stone into a system or network.

Page 22

Technical Attacks

Common Vulnerabilities and Exposures (CVEs): publicly known computer security risks, collected, listed, and shared by a board of security-related organizations (each entry receives a standard CVE identifier so that tools and advisories can refer to the same flaw).

The number of known CVEs grew from approximately 320 in 1999 to more than 3,000 in 2004, with almost 4,250 CVE candidates under consideration for acceptance as CVEs.

Examining the list of the top 20 CVEs, one quickly realizes that all of them are very technical in nature.

Page 23

Denial-of-Service Attacks

Denial-of-service (DoS) attack: an attack on a Web site in which an attacker uses specialized software to send a flood of data packets to the target computer with the aim of overloading its resources.

Distributed denial-of-service (DDoS) attack: a denial-of-service attack in which the attacker gains illegal administrative access to as many computers on the Internet as possible and uses those computers to send a flood of data packets to the target computer. Because the flood arrives from many sources, each sending only a modest amount of traffic, it cannot be stopped simply by blocking one address.
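The difference between the two definitions is easiest to see in a detector. The following Python is an example added here, not material from the slides: it runs two detectors over a constructed packet log (second, source address, destination port; the addresses are documentation ranges, not a real capture). A classic per-source rate threshold catches the single-source flood but misses the distributed one, where no zombie exceeds the threshold on its own; an aggregate-rate check catches both and tells them apart by how much of the flood the busiest source contributes. The window size and thresholds are arbitrary assumptions.

```python
"""Flood detection over a constructed packet log (added example, not from the
slides): per-source thresholds catch a DoS but miss a DDoS; an aggregate check
catches both and tells them apart.
"""
from collections import Counter, defaultdict


def build_sample_log():
    """Constructed traffic, not a real capture: (second, source_ip, dest_port).

    - 5 legitimate clients, 1 packet/second each for 10 seconds
    - second 3: a single host sends 200 packets (single-source DoS)
    - second 7: 100 zombies send 2 packets each (distributed DoS)
    """
    log = []
    for t in range(10):
        for i in range(5):
            log.append((t, f"203.0.113.{i + 1}", 443))
    log += [(3, "198.51.100.7", 443)] * 200
    for z in range(1, 101):
        log += [(7, f"192.0.2.{z}", 443)] * 2
    return log


def per_source_floods(log, window=1, threshold=50):
    """Classic DoS detector: any source exceeding `threshold` packets in a
    `window`-second bucket (window and threshold are assumed values)."""
    counts = Counter()
    for t, src, _ in log:
        counts[(t // window, src)] += 1
    return sorted({src for (_, src), n in counts.items() if n > threshold})


def aggregate_floods(log, window=1, baseline=10, factor=5):
    """DDoS-aware detector: buckets whose total rate exceeds factor*baseline.

    Returns {bucket: {"packets", "sources", "top_share", "kind"}} where kind is
    "dos" when one source sends more than half the flood, otherwise "ddos".
    """
    totals = Counter()
    by_source = defaultdict(Counter)
    for t, src, _ in log:
        b = t // window
        totals[b] += 1
        by_source[b][src] += 1
    report = {}
    for b in sorted(totals):
        if totals[b] <= baseline * factor:
            continue  # normal load for this bucket
        share = max(by_source[b].values()) / totals[b]
        report[b] = {
            "packets": totals[b],
            "sources": len(by_source[b]),
            "top_share": round(share, 2),
            "kind": "dos" if share > 0.5 else "ddos",
        }
    return report


if __name__ == "__main__":
    sample = build_sample_log()
    print("per-source detector flags:", per_source_floods(sample))
    for bucket, info in aggregate_floods(sample).items():
        print(f"second {bucket}: {info}")
```

The per-source detector reports only 198.51.100.7; the aggregate detector reports second 3 as a single-source flood (one address sends 98% of the packets) and second 7 as distributed (105 sources, none above 1%), which is exactly the case that blocking a single address cannot fix.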

Page 24

Using Zombies in a DDoS Attack (figure)

Page 25

Malicious Code Attacks

Malware: a generic term for malicious software.

A number of factors have contributed to the overall increase in malicious code. Among these factors, the following are paramount:
  • Mixing data and executable instructions
  • Increasingly homogeneous computing environments
  • Unprecedented connectivity
  • A larger, less security-aware user base

Page 26

Trends in Malicious Code Attacks (I)

Increased speed and volume of attacks
  • The Slammer worm in 2003 doubled in size every 8.5 seconds, infecting approximately 75,000 machines within 10 minutes

Reduced time between the discovery of a vulnerability and the release of an attack to exploit it
  • The average time was 5.8 days in the first half of 2004

Remotely controlled robot networks (botnets) are growing
  • The number of monitored robots rose from well under 2,000 computers to more than 30,000
  • Robots can be upgraded easily and quickly to run new malicious code

Page 27

Trends in Malicious Code Attacks (II)

E-commerce is the most frequently targeted industry
  • 16% of attacks in 2004 vs. 4% in 2003
  • The motivation of attackers may be shifting from seeking notoriety to seeking illicit financial rewards

Attacks against Web application technologies are increasing
  • 39% of the vulnerabilities disclosed in the first half of 2004 were associated with Web application technologies

A large percentage (more than 40%) of Fortune 100 companies have been compromised by worms
  • Those networks remain susceptible to exploitation by potential attackers

Page 28

Malicious Code (I)

Viruses: a virus is a piece of code that inserts itself into a host, including the operating system, in order to propagate. It cannot run independently; it requires that its host program be run to activate it.

Viruses have two components:
  • A propagation mechanism by which the virus spreads
  • A payload: what the virus does once it is executed

Sometimes execution of the payload is triggered by a particular event; the Michelangelo virus, for example, triggered on a specific date (March 6).

Some viruses simply infect and spread. Others do substantial damage.

Page 29

Malicious Code (II)

Worm: a worm is a program that can run independently, will consume the resources of its host from within in order to maintain itself, and can propagate a complete working version of itself onto another machine.

The major difference between a worm and a virus is that a worm propagates between systems on its own, whereas a virus propagates locally by infecting host programs.

Page 30

Malicious Code (III)

Macro viruses and macro worms: a macro virus or macro worm is usually executed when the application object (e.g., spreadsheet, word-processing document, e-mail message) containing the macro is opened or a particular process is executed (e.g., a file is saved).

Melissa (1999) was a Microsoft Word macro virus and ILOVEYOU (2000) a VBScript worm carried as an e-mail attachment; both propagated by mailing themselves to the victim's Microsoft Outlook contacts.

Page 31

Malicious Code (IV)

Trojan horse: a Trojan horse is a program that appears to have a useful function but also contains a hidden and unintended function that presents a security risk.

Remote-access Trojans are self-contained, self-installing utilities that can be used to remotely control and monitor the victim's computer over a network:
  • The server is the program that runs on the computer under attack
  • The client is the program used by the person perpetrating the attack

Page 32

Malicious Code (V)

One key malware trend is the rise of code (rootkits) that exploits and alters the user's operating system down to the kernel level.

The best way to defend against Trojan horses is to implement strict policies and procedures for installing new software:
  • End users should be forbidden from installing unauthorized programs
  • Administrators need to check the integrity of the programs and patches they install (e.g. by verifying the vendor's signature or published hash)
  • New programs and tools should be installed in a test environment before being put into production

Page 33

Managing EC Security

Common mistakes in managing security risks:
  • Undervalued information: the value of information is not understood, so it is not taken seriously
  • Narrowly defined security boundaries: attention is paid only to the security of the internal network, ignoring external parties (e.g. upstream suppliers and downstream customers)
  • Reactive security management: the problem is addressed only after an incident has occurred
  • Dated security management processes: security equipment, knowledge and training fail to keep pace with changes in the environment
  • Lack of communication about security responsibilities: security is regarded as the IT department's job rather than the whole organization's, so most people neither care about it nor understand it

Page 34

Security Risk Management

A systematic process for determining the likelihood of various security attacks and for identifying the actions needed to prevent or mitigate those attacks.

Security risk management consists of three phases:
  • Asset identification
  • Risk assessment
  • Implementation

Page 35

Security Risk Management

Asset identification
  • Inventory the organization's information assets and determine their relative value and criticality

Risk assessment
  • Delineate the threats against those assets, such as hackers, viruses, disgruntled employees, human error, and system failures
  • Identify the vulnerabilities of the systems
  • Calculate a quantitative risk for each asset in order to determine which assets should be safeguarded and which threats need to be minimized

Page 36

Security Risk Management

Implementation
  • The organization arrives at a set of security policies defining which threats are tolerable and which are not
  • Particular technologies are chosen to address the high-priority threats
  • Establish an incident response team and a contingency plan
  • Establish a process for audit and review at least every 6 months, asking:
    • Which policies and technologies are successful
    • Which are unsuccessful and need modification
    • What types of new threats are appearing on the horizon

Page 37

Access Control and Authentication

Access control: mechanism that determines who can legitimately use a network resource and which resources he, she, or it can use.

Access control list (ACL): defines which users have access to which resources and what rights they have with respect to those resources (i.e. read, write, print, copy, delete, execute, modify, or move).

Page 38

Access Control and Authentication

Authentication: the process of verifying that the user is who he or she claims to be
  • Something one knows: e.g. a password
  • Something one has: e.g. a token
  • Something one is: e.g. a fingerprint

Passwords are insecure because people have a habit of:
  • Writing them down in easy-to-find places
  • Choosing values that are easily guessed
  • Willingly telling other people their passwords when asked

Page 39

Biometric Systems

Biometric systems: authentication systems that identify a person by measurement of a biological characteristic, such as fingerprints, iris (eye) patterns, facial features, or voice.

Physiological biometrics: measurements derived directly from different parts of the body (e.g., fingerprint, iris, hand, facial characteristics).

Behavioral biometrics: measurements derived from various actions and indirectly from various body parts (e.g., voice scans or keystroke monitoring).

Page 40

Biometric Systems

Fingerprint scanning: measurement of the discontinuities of a person's fingerprint, which are then converted to a set of numbers that are stored as a template and used to authenticate identity.

Iris scanning: measurement of the unique spots in the iris (colored part of the eye), which are … to authenticate identity.

Voice scanning: measurement of the acoustical patterns in speech production, which are then … to authenticate identity.

Keystroke monitoring: measurement of the pressure, speed, and rhythm with which a word is typed, which is then … identity.

Page 41

Public Key Infrastructure

Public key infrastructure (PKI): a scheme for securing e-payments (and other electronic communications) using public key encryption and various technical components (certificates, certificate authorities, and the protocols that use them).

Encryption: the process of scrambling (encrypting) a message in such a way that it is difficult, expensive, or time-consuming for an unauthorized person to unscramble (decrypt) it.

Plaintext: an unencrypted message in human-readable form.

Page 42

Public Key Infrastructure

Ciphertext: a plaintext message after it has been encrypted into a machine-readable form.

Encryption algorithm: the mathematical formula used to encrypt the plaintext into the ciphertext, and vice versa.

Key: the secret code used to encrypt and decrypt a message.

Page 43

Public Key Infrastructure

Symmetric (private) key system: an encryption system that uses the same key to encrypt and decrypt the message.

Data Encryption Standard (DES): the standard symmetric encryption algorithm endorsed by NIST and used by U.S. government agencies; its 56-bit key is far too short today, and NIST withdrew it as a federal standard in 2005.

Rijndael: the algorithm NIST selected on October 2, 2000 as the Advanced Encryption Standard (AES); AES was published as FIPS 197 in November 2001 and now secures U.S. government communications.

Page 44

Symmetric (Private) Key Encryption (figure)

Page 45

Public Key Infrastructure

Asymmetric (public) key encryption: a method of encryption that uses a pair of matched keys, a public key to encrypt a message and a private key to decrypt it, or vice versa.
  • Public key: encryption key that is publicly available to anyone
  • Private key: encryption key that is known only to its owner

The most common public key encryption algorithm is RSA. When these slides were written RSA keys ranged from 512 to 1024 bits; 512-bit RSA moduli have been factored since 1999, and 2048 bits is now the minimum recommended length.

Page 46

Public Key Encryption

Because the private key is held only by its owner, only the owner can decrypt ciphertext that was encrypted with the matching public key. If the sender encrypts with the recipient's public key and transmits the result to the recipient (the holder of the corresponding private key), who decrypts it with that private key, the goal of secret communication is achieved.

Page 47

Public Key Encryption

When a ciphertext decrypted with a public key yields meaningful information, that ciphertext must have been produced with the corresponding private key. Since only the original sender knows the private key, the message must have come from the owner of that key; this achieves "public announcement" (authentication of origin) and non-repudiation. In practice the sender signs a hash of the message rather than the message itself, and the signature scheme adds padding so that an attacker cannot manufacture a "meaningful" result.

Page 48

Discussion

The main problem with public key encryption is speed: symmetric algorithms are significantly faster than asymmetric algorithms.

Therefore, public key encryption cannot effectively be used to encrypt and decrypt large amounts of data.

In practice, a combination of symmetric and asymmetric encryption is used: the message is encrypted with a symmetric session key, and only that short key is encrypted with the recipient's public key.

Page 49

Digital Signatures (figure)

Page 50

Digital Signatures

Hash: a one-way mathematical computation applied to a message that produces a fixed-length value; it uses no key, and it is infeasible to find two messages with the same hash or to recover the message from its hash.

Message digest: the summary of a message, a fixed-length string of bits, produced by applying the hash.

Digital signature: the message digest encrypted with the sender's private key; an identifying code that can be used to authenticate the identity of the sender of a document and the integrity of its contents.

Digital envelope: the original message encrypted with a one-time symmetric session key, together with that session key encrypted with the recipient's public key, so that only the recipient can open it.

Page 51

Digital Signatures

The recipient has evidence that the sender sent the message because (theoretically) the sender is the only one with access to the private key.

The recipient knows that the message has not been tampered with, because if it had been, the digest recomputed from the received message would not match the digest recovered from the signature.

Page 52

Public Key Infrastructure

Suppose someone tells you he is 侯永昌, gives you a public key, and asks you to send him a message. How do you know he really is 侯永昌? And how do you know this key really is 侯永昌's public key?

Digital certificate: verification that the holder of a public/private key pair is who he or she claims to be. A certificate contains things such as the holder's name, a validity period, the holder's public key information, and a hash of the certificate data signed with the CA's private key.

Certificate authorities (CAs): third parties that issue digital certificates. Whoever verifies a certificate must already trust the CA's public key; otherwise the CA's signature proves nothing.
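The mechanics behind pages 46 to 52 (public key encryption, sign-the-digest signatures, the digital envelope, and a CA binding a name to a key) in one runnable Python example. This is code added here, not the slides' material: it uses unpadded "textbook" RSA with 512-bit keys purely so the arithmetic is visible, and a certificate that carries only subject, key and CA signature (no validity period or revocation). Real systems use RSA-PSS or ECDSA with 2048-bit or longer keys and X.509 certificates. The seeds, names and order text are made up.

```python
"""Textbook RSA signatures, digital envelope and a minimal certificate check.
Added example, not from the slides. Unpadded RSA with 512-bit keys is used only
so the arithmetic is visible; production systems use RSA-PSS or ECDSA with
2048-bit+ keys, X.509 certificates and validity/revocation checks.
"""
import hashlib
import random


def _is_probable_prime(n, rounds=20):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits, rng):
    while True:
        candidate = rng.getrandbits(bits) | (1 << (bits - 1)) | 1  # odd, full length
        if _is_probable_prime(candidate):
            return candidate


def generate_keypair(bits=512, seed=None):
    """Return ((n, e), (n, d)). `seed` only makes the example reproducible."""
    rng = random.Random(seed)
    e = 65537
    while True:
        p, q = _random_prime(bits // 2, rng), _random_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            break
    return (p * q, e), (p * q, pow(e, -1, phi))


def _digest_int(message):
    """Message digest as an integer; a SHA-256 digest (256 bits) is always below n."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message, private_key):
    """Signature = digest 'encrypted' with the sender's private key (page 50)."""
    n, d = private_key
    return pow(_digest_int(message), d, n)


def verify(message, signature, public_key):
    """Recover the digest with the public key and compare with a fresh digest (page 51)."""
    n, e = public_key
    return pow(signature, e, n) == _digest_int(message)


def seal_session_key(session_key, recipient_public):
    """Digital envelope: only the short symmetric key goes under the public key."""
    n, e = recipient_public
    return pow(session_key, e, n)


def open_session_key(sealed, recipient_private):
    n, d = recipient_private
    return pow(sealed, d, n)


def _certificate_body(subject, public_key):
    n, e = public_key
    return f"{subject}|{n}|{e}".encode()


def issue_certificate(subject, subject_public, ca_private):
    """A CA binds a name to a public key by signing both together (page 52)."""
    return {"subject": subject, "public_key": subject_public,
            "signature": sign(_certificate_body(subject, subject_public), ca_private)}


def verify_certificate(cert, ca_public):
    """Anyone holding the CA's public key can check the binding; swapping in a
    different key or subject invalidates the CA's signature."""
    body = _certificate_body(cert["subject"], cert["public_key"])
    return verify(body, cert["signature"], ca_public)


if __name__ == "__main__":
    ca_public, ca_private = generate_keypair(seed=1)
    hou_public, hou_private = generate_keypair(seed=2)
    cert = issue_certificate("侯永昌", hou_public, ca_private)
    print("certificate valid:", verify_certificate(cert, ca_public))
    impostor_public, _ = generate_keypair(seed=3)
    print("impostor's key under 侯永昌's name:",
          verify_certificate(dict(cert, public_key=impostor_public), ca_public))
    order = b"order 42: pay 100 to merchant"
    sig = sign(order, hou_private)
    print("signature valid:", verify(order, sig, cert["public_key"]))
    print("tampered order:", verify(order.replace(b"100", b"1000"), sig, cert["public_key"]))
```

The impostor in page 52's question fails at the certificate step: he can generate a key pair and claim any name, but he cannot produce the CA's signature over that name together with his key. The tampered order fails at the signature step: the recomputed digest no longer equals the one recovered with the public key.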

Page 53

Public Key Infrastructure

Secure Sockets Layer (SSL): protocol invented by Netscape that uses standard certificates for authentication and data encryption to ensure privacy or confidentiality.

It is the major standard used for online credit card payments.

In 1996 Netscape handed SSL 3.0 to the IETF, which published its successor as Transport Layer Security (TLS) 1.0 in 1999 (RFC 2246). All SSL versions and TLS 1.0/1.1 are now deprecated; sites should offer TLS 1.2 or 1.3 only.

Page 54

Securing EC Networks (I)

Layered security: a variety of technologies must be applied at key points in a network.

Page 55

Securing EC Networks (II)

Controlling access
  • Policy of least privilege (POLP): policy of blocking access to network resources unless access is required to conduct business
  • Role-specific security: access to particular network resources should be based on a user's role within the organization

Monitoring
  • Many organizations go through the process of establishing security plans and policies and setting up security technologies, and then fail to monitor their networks to ensure that they remain secure
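The ACL of page 37, the least-privilege and role-specific rules above, and the audit log of page 14 fit together in one small access-control class. This is an example added here, not the slides' material; the roles, resources and user names are made up. Rights are looked up by role and resource, anything not listed is denied, customers are further confined to records they own, every decision is logged, and a review function lists rights that were granted but never used, which is what a least-privilege review looks for.

```python
"""Role-based ACL with default deny, ownership scoping, audit logging and a
least-privilege review. Added example; roles, resources and users are made up.
"""
from dataclasses import dataclass, field

# ACL: role -> resource -> rights. Anything not listed here is denied (POLP).
POLICY = {
    "customer": {"orders": {"read"}, "cart": {"read", "write"}},
    "support": {"orders": {"read"}, "customers": {"read"}},
    "admin": {"orders": {"read", "write", "delete"},
              "customers": {"read", "write", "delete"},
              "cart": {"read"}},
}

# Resources whose records belong to one user; customers may only touch their own.
OWNED_RESOURCES = {"orders", "cart"}


@dataclass
class AccessControl:
    policy: dict
    audit_log: list = field(default_factory=list)

    def check(self, user, role, resource, action, owner=None):
        """True if `role` may perform `action` on `resource`; every decision is logged."""
        rights = self.policy.get(role, {}).get(resource, set())  # unknown role/resource -> deny
        allowed = action in rights
        reason = "ok" if allowed else "no right"
        if allowed and role == "customer" and resource in OWNED_RESOURCES and owner != user:
            allowed, reason = False, "not owner"
        self.audit_log.append({"user": user, "role": role, "resource": resource,
                               "action": action, "allowed": allowed, "reason": reason})
        return allowed

    def denied_attempts(self):
        """Audit view: who was refused what, and why."""
        return [entry for entry in self.audit_log if not entry["allowed"]]

    def unused_rights(self):
        """Least-privilege review: rights granted to a role but never exercised."""
        used = {(e["role"], e["resource"], e["action"]) for e in self.audit_log if e["allowed"]}
        return sorted((role, res, act)
                      for role, resources in self.policy.items()
                      for res, acts in resources.items()
                      for act in acts
                      if (role, res, act) not in used)


if __name__ == "__main__":
    ac = AccessControl(POLICY)
    print(ac.check("alice", "customer", "orders", "read", owner="alice"))   # True
    print(ac.check("alice", "customer", "orders", "read", owner="bob"))     # False: not owner
    print(ac.check("carol", "admin", "orders", "delete", owner="bob"))      # True
    print(ac.check("mallory", "guest", "orders", "read"))                   # False: unknown role
    for entry in ac.denied_attempts():
        print("denied:", entry)
    print("granted but never used:", ac.unused_rights())
```

Two design points worth noting: the lookup chain `policy.get(role, {}).get(resource, set())` means a typo in a role or resource name fails closed rather than open, and the ownership check runs only after the role check so that the audit log records which of the two controls refused the request.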

Page 56

Securing EC Networks (III)

Keep systems patched
  • Most large organizations are painfully aware that vendors are continually patching or upgrading their software, applications, and systems to plug security holes

Response team
  • Organizations need to have a team in place that can respond to various attacks
  • The team needs to have well-established plans, processes, and resources, and should practice responding when the pressure is off rather than learning during a crisis

Page 57

Firewalls

A network node consisting of both hardware and software that isolates a private network from a public network.

There are basically two types of firewalls:
  • Packet-filtering routers
  • Application-level proxies

Page 58

Packet-Filtering Routers

Firewalls that filter data and requests moving from the public Internet to a private network based on the network addresses of the computers sending or receiving the request.

Packets: segments of data and requests sent from one computer to another on the Internet. Each consists of the Internet addresses of the computers sending and receiving the data, plus other identifying information (protocol, port numbers) that distinguishes one packet from another.

Page 59

Packet-Filtering Routers

Use a set of rules to determine which packets can move from the outside network to the inside network.

The rules accept or reject incoming packets based on source and destination IP address, source and destination port numbers, and packet type (all of it information contained in the packet header). For example:
  • Block all packets sent from a given Internet address
  • Block any packet coming from the outside that carries the address of a computer on the inside (such a packet is spoofed)
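The two example rules above, together with a default-deny rule, as a small Python packet filter added here (not the slides' code). Rules are evaluated top to bottom on header fields only, the first match decides, and a packet matching nothing is dropped. The last function reorders the same rules to show how a single ordering mistake reopens the spoofing hole. The addresses are documentation ranges; the internal prefix 10.0.0.0/8, the web server 10.0.0.80 and the blocked network are assumptions.

```python
"""Stateless packet filter: ordered rules, first match wins, default deny,
anti-spoofing. Added example, not from the slides; addresses and rules are made up.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional

INSIDE = ipaddress.ip_network("10.0.0.0/8")   # assumed internal address space
WEB_SERVER = "10.0.0.80/32"                   # assumed public web server


@dataclass(frozen=True)
class Packet:
    """Header fields only; a packet filter never looks at the payload."""
    src: str
    dst: str
    proto: str   # "tcp", "udp", "icmp"
    sport: int
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                  # "accept" or "drop"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and (self.dport is None or self.dport == p.dport))


# Inbound rule set for the external interface, evaluated top to bottom.
INBOUND_RULES = [
    Rule("drop", src=str(INSIDE)),            # spoofed: outside packet with an inside source
    Rule("drop", src="198.51.100.0/24"),      # a network we have chosen to block entirely
    Rule("accept", dst=WEB_SERVER, proto="tcp", dport=443),
    Rule("accept", dst=WEB_SERVER, proto="tcp", dport=80),
]


def filter_inbound(packet: Packet, rules=INBOUND_RULES) -> str:
    """First matching rule decides; nothing matched means drop (default deny)."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return "drop"


def misordered_rules():
    """The same rules with the accept lines moved above the anti-spoofing line:
    one ordering mistake, and spoofed packets to the web server get through."""
    return INBOUND_RULES[2:] + INBOUND_RULES[:2]


if __name__ == "__main__":
    spoofed = Packet("10.1.2.3", "10.0.0.80", "tcp", 51003, 443)
    print("correct order :", filter_inbound(spoofed))                      # drop
    print("accept first  :", filter_inbound(spoofed, misordered_rules()))  # accept
```

Note what the filter cannot see: the accepted packet to port 443 may carry anything in its payload, which is the data-driven-attack limitation described on the next slide.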

Page 60

Packet-Filtering Routers

Advantages:
  • Provide low-level control and are difficult to get around

Disadvantages:
  • It is easy to miss an important rule or to specify a rule incorrectly, leaving a hole in the firewall
  • Because the content of a packet is irrelevant to a packet filter, once a packet is let through, the inside network is open to data-driven attacks carried in the payload

Packet-filtering routers are often used as the first layer of network defense.

Page 61

Application-Level Proxy

A firewall that blocks data and requests depending on the type of application being accessed.

This type of firewall often involves a special server called a bastion gateway that accepts requests from the outside for particular services and repackages each request before sending it to the inside network, so that only well-formed requests for supported services reach inside hosts.

There is a proxy for each Internet service that the organization wishes to support. If a request is made for a service with no proxy, it is blocked by the firewall.

Page 62

Application-Level Proxy

Bastion gateway: a special hardware server that uses application-level proxy software to limit the types of requests that can be passed to an organization's internal networks from the public Internet.

Proxies: special software programs that run on the gateway server and pass repackaged packets from one network to the other.

Page 63

Application-Level Proxies

In addition to controlling inbound traffic, all outbound requests look as if they were coming from a single computer rather than from many. In this way the IP addresses of the internal computers are hidden from the outside.

Disadvantages:
  • It takes more processing time to tie particular packets to particular applications
  • Users on the internal network must configure their machines or browsers to send their Internet requests via the proxy server

Page 64

Application-Level Proxy (Bastion Gateway Host) (figure)

Page 65

Personal Firewalls

Personal firewalls are designed to protect a home user's desktop system from the public network by monitoring all the traffic that passes through the computer's network interface card.

They operate in one of two ways:
  • The owner creates filtering rules that the firewall uses to permit or drop packets
  • The firewall learns by prompting the user to ask how particular traffic ought to be handled

Page 66

Demilitarized Zone (DMZ)

A network segment that sits between an organization's internal network and an external network (the Internet). Public-facing servers are placed in it, and traffic in both directions (Internet to DMZ, DMZ to internal network) is controlled by rules enforced by a firewall, so that a compromised server in the DMZ does not give direct access to the internal network.

Page 67

Virtual Private Networks (VPNs)
• With a private leased line, the chance of a hacker eavesdropping on the communications between the companies would be nil, but it is an expensive way to do business.
• VPNs, which enable secure transmissions across the Internet, are generally used to support site-to-site transmissions between B2B partners or communications between a mobile or remote worker and a LAN at a central office.

Page 68

Virtual Private Networks (VPNs)
• A VPN can reduce communication costs dramatically:
  • 20~40% cost saving for sites in the same country
  • 60~90% cost saving for sites in different countries
  • 60~80% cost saving for mobile and remote workers
• A VPN creates a "protocol tunnel" between the nodes on the network: a method used to ensure the confidentiality and integrity of data transmitted over the Internet by encrypting the data, encapsulating it into packets, transmitting them across the Internet, and decrypting them at the destination address.

Page 69

Virtual Private Networks (VPNs)
• A VPN uses the public Internet to carry information but remains private by using a combination of:
  • Encryption to scramble the communications
  • Authentication to ensure that the information has not been tampered with and comes from a legitimate source
  • Access control to verify the identity of anyone using the network
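The protocol tunnel and the authentication step of the two slides above, as an added example that is not part of the slides: the inner packet is encrypted, given a sequence number and an authentication tag, and encapsulated in an outer packet; the receiver checks the tag before decrypting anything and rejects replayed packets. This is a teaching construction built from Python's standard library only: the keystream is HMAC-SHA256 run in counter mode and the tag is a truncated HMAC-SHA256 (encrypt-then-MAC), standing in for the AES-GCM or ChaCha20-Poly1305 that IPsec ESP, TLS and WireGuard use. The shared secret and the inner packet are constructed sample values.

```python
"""Added example (not from the slides): a VPN-style protocol tunnel with
confidentiality, integrity and replay protection. Teaching construction on
HMAC-SHA256; real VPNs use an AEAD cipher and a key-exchange protocol."""
import hashlib
import hmac
import struct

TAG_LEN = 16

def derive_keys(shared_secret: bytes) -> tuple[bytes, bytes]:
    """Separate encryption and authentication keys from one shared secret
    (which a real VPN would establish with IKE or a TLS handshake)."""
    enc = hmac.new(shared_secret, b"vpn-enc", hashlib.sha256).digest()
    mac = hmac.new(shared_secret, b"vpn-mac", hashlib.sha256).digest()
    return enc, mac

def keystream(enc_key: bytes, seq: int, n: int) -> bytes:
    """PRF in counter mode: block i = HMAC(key, seq || i). The sequence
    number is part of every block's input, so a keystream is never reused."""
    out = b""
    for i in range((n + 31) // 32):
        out += hmac.new(enc_key, struct.pack(">QI", seq, i), hashlib.sha256).digest()
    return out[:n]

def encapsulate(keys, seq: int, inner_packet: bytes) -> bytes:
    """Sender: header(seq) || ciphertext || tag. The tag covers header and
    ciphertext (encrypt-then-MAC) so tampering is detected before decryption."""
    enc_key, mac_key = keys
    header = struct.pack(">Q", seq)
    ct = bytes(a ^ b for a, b in zip(inner_packet, keystream(enc_key, seq, len(inner_packet))))
    tag = hmac.new(mac_key, header + ct, hashlib.sha256).digest()[:TAG_LEN]
    return header + ct + tag

class TunnelReceiver:
    def __init__(self, keys):
        self.enc_key, self.mac_key = keys
        self.highest_seq = -1          # simple anti-replay: strictly increasing

    def decapsulate(self, outer_packet: bytes):
        """Return the inner packet, or None if the packet is forged, damaged
        or replayed. Verification happens before decryption."""
        if len(outer_packet) < 8 + TAG_LEN:
            return None
        header, ct, tag = outer_packet[:8], outer_packet[8:-TAG_LEN], outer_packet[-TAG_LEN:]
        expected = hmac.new(self.mac_key, header + ct, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None                # integrity/authenticity failure
        (seq,) = struct.unpack(">Q", header)
        if seq <= self.highest_seq:
            return None                # replay of an already accepted packet
        self.highest_seq = seq
        return bytes(a ^ b for a, b in zip(ct, keystream(self.enc_key, seq, len(ct))))
```

Two design points carry over to real tunnels: the receiver never decrypts before the tag verifies, and a rejected packet leaves the replay state untouched, so an attacker cannot use a forged packet to desynchronize the sequence window. The strictly increasing sequence check shown here would drop legitimately reordered packets; IPsec uses a sliding window for that reason.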

Page 70

Virtual Private Networks (VPNs)
• Three technologies are used to create a VPN:
  • Many firewall packages, hardware and software, support VPN functionality
  • Routers can function not only as firewalls but also as VPN servers
  • There are software solutions that can be used to handle VPN connections
• Many telecom carriers and larger ISPs offer VPN services for Internet-based dial-up and site-to-site communications

Page 71

Intrusion Detection Systems (IDS)
• In the past, audit logs were manually reviewed for excessive failed logon attempts, failed file and database access attempts, and other application and system violations.
• Today there is a special category of software, intrusion detection systems (IDS), that can monitor activity across a network or on a host computer, watch for suspicious activity, and take automated actions whenever a security breach or attack occurs.

Page 72

Intrusion Detection Systems (IDS)
• A host-based IDS resides on the server or other host system that is being monitored. It is good at detecting:
  • Whether critical or security-related files have been tampered with
  • Whether a user attempts to access files that he is not authorized to use
• It computes a special signature or checksum for each file, then checks the files on a regular basis to see whether the current signatures match the previous ones. If they do not match, security personnel are notified immediately.
• The stored baseline of signatures must be kept where an intruder who has compromised the host cannot rewrite it (read-only media or a separate server); otherwise the intruder can simply update the baseline to match the tampered files.
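The checksum comparison just described, as an added example (not the slides' own code): a baseline of SHA-256 digests is taken over a directory tree, and a later scan is classified into modified, added and removed files. The host, its files and the simulated intrusion are constructed in a temporary directory so the example runs anywhere; the file names are assumptions.

```python
"""Added example (not from the slides): checksum-based file integrity
monitoring as performed by a host-based IDS. The monitored files are
constructed in a temporary directory for illustration."""
import hashlib
import tempfile
from pathlib import Path

def file_digest(path: Path) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):   # stream large files
            h.update(chunk)
    return h.hexdigest()

def take_baseline(root: Path) -> dict[str, str]:
    """Map each regular file (path relative to root) to its digest. Store the
    result off-host or read-only: a baseline the intruder can edit proves nothing."""
    return {p.relative_to(root).as_posix(): file_digest(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def compare(baseline: dict[str, str], current: dict[str, str]) -> dict[str, list[str]]:
    """Classify the differences between two scans."""
    return {
        "modified": sorted(k for k in baseline if k in current and baseline[k] != current[k]),
        "added":    sorted(k for k in current if k not in baseline),
        "removed":  sorted(k for k in baseline if k not in current),
    }

def demo() -> dict[str, list[str]]:
    """Build a small constructed host, baseline it, simulate an intrusion,
    and return what the next scan reports."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for d in ("etc", "bin", "var"):
            (root / d).mkdir()
        (root / "etc" / "passwd").write_text("root:x:0:0:root:/root:/bin/sh\n")
        (root / "etc" / "sshd_config").write_text("PermitRootLogin no\n")
        (root / "bin" / "ls").write_bytes(b"\x7fELF original binary")
        (root / "var" / "auth.log").write_text("Accepted publickey for alice\n")
        baseline = take_baseline(root)
        # Simulated intrusion: enable root login, trojan a binary, drop a tool, wipe a log.
        (root / "etc" / "sshd_config").write_text("PermitRootLogin yes\n")
        (root / "bin" / "ls").write_bytes(b"\x7fELF trojaned binary")
        (root / "bin" / "nc").write_bytes(b"\x7fELF attacker tool")
        (root / "var" / "auth.log").unlink()
        return compare(baseline, take_baseline(root))
```

In production the same comparison also covers permissions, ownership and modification times, and the scan runs from a trusted copy of the hashing tool, since a trojaned hash utility could lie about the files it reads.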

Page 73

Intrusion Detection Systems (IDS)
• A network-based IDS uses rules to analyze suspicious activity at the perimeter of a network or at key locations in the network:
  • Examines network traffic for known patterns of attack
  • Automatically notifies security personnel when specific events or event thresholds occur
  • Performs certain actions when an attack occurs; for instance, it can terminate network connections or reconfigure network devices based on security policies
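The three behaviours on this slide (pattern matching, event thresholds, automated response), as an added example that is not code from the slides: a miniature network IDS runs a signature rule and a threshold rule over a constructed stream of traffic records and attaches a response action to each alert. The records, the attack patterns and the thresholds are assumptions chosen for illustration.

```python
"""Added example (not from the slides): a miniature network-based IDS with
signature rules, a per-source threshold rule and response actions. Traffic
records and patterns are constructed for illustration."""
import re
from collections import defaultdict, deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Record:
    ts: float      # seconds
    src: str
    dst: str
    dport: int
    payload: bytes = b""

@dataclass(frozen=True)
class Alert:
    rule: str
    src: str
    action: str

# Signature rules: known attack patterns, compiled once, applied to every payload.
SIGNATURES = {
    "path-traversal": re.compile(rb"\.\./\.\./"),
    "sqli-tautology": re.compile(rb"(?i)'\s*or\s+'?1'?\s*=\s*'?1"),
}

class NetworkIDS:
    def __init__(self, scan_ports: int = 5, window: float = 60.0):
        self.scan_ports = scan_ports      # distinct ports from one source ...
        self.window = window              # ... within this many seconds = scan
        self.seen: dict[str, deque] = defaultdict(deque)   # per-source (ts, dport)
        self.blocked: set[str] = set()

    def inspect(self, r: Record) -> list[Alert]:
        alerts = []
        if r.src in self.blocked:
            return [Alert("blocked-source", r.src, "drop")]
        for name, pattern in SIGNATURES.items():
            if pattern.search(r.payload):
                alerts.append(Alert(name, r.src, "terminate-connection"))
        q = self.seen[r.src]
        q.append((r.ts, r.dport))
        while q and r.ts - q[0][0] > self.window:   # expire events outside the window
            q.popleft()
        if len({p for _, p in q}) >= self.scan_ports:
            self.blocked.add(r.src)                  # "reconfigure network devices"
            alerts.append(Alert("port-scan", r.src, "block-source"))
            q.clear()
        return alerts

def run(records) -> list[Alert]:
    ids = NetworkIDS()
    out = []
    for r in records:
        out.extend(ids.inspect(r))
    return out

def sample_traffic() -> list[Record]:
    """Constructed traffic: a normal request, an SQL-injection attempt, a port
    scan from 198.51.100.9, then a connection from the now-blocked host."""
    scan = [Record(10.0 + i, "198.51.100.9", "192.0.2.10", p)
            for i, p in enumerate([21, 22, 23, 25, 80])]
    return [
        Record(1.0, "203.0.113.4", "192.0.2.10", 443, b"GET /catalog?item=42 HTTP/1.1"),
        Record(2.0, "203.0.113.5", "192.0.2.10", 443, b"GET /login?user=a' OR '1'='1 HTTP/1.1"),
        *scan,
        Record(20.0, "198.51.100.9", "192.0.2.10", 443, b"GET / HTTP/1.1"),
    ]
```

The threshold rule is what distinguishes an IDS from a simple packet filter: no single record in the scan is forbidden, only the pattern across records. Automatic blocking must be tuned carefully, since an attacker who can spoof a source address can otherwise use it to have the IDS block legitimate hosts.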

Page 74

Honeynets and Honeypots
• Honeynet
  • A honeynet is a network of honeypots designed to attract hackers like honey attracts bees
  • A technology used to detect and analyze intrusions
  • A way to evaluate the vulnerabilities of an organization by studying the types of attacks to which a site is subjected, using a network of systems called honeypots

Page 75

Honeynets and Honeypots
• Honeypots
  • Systems that look like production systems (e.g., firewalls, routers, Web servers, database servers) but are designed not to do real work; they are watched and studied as network intrusions occur, in order to learn:
  • Why hackers attack
  • When they attack
  • How they attack
  • What they do after the system is compromised
  • How they communicate with one another during and after the attack

Page 76

Honeynets and Honeypots
• Although a honeypot cannot prevent an attack, it can simplify the detection of, and reaction to, an attack.
• Because no legitimate user has any reason to connect to a honeypot, the only traffic on it comes from intruders, so it is easier to analyze the data produced by a honeypot to determine what has happened and how to respond.
• Before a company deploys a honeypot, it needs to think about:
  • What to do when the honeypot becomes the scene of a cyber crime or contains evidence of a crime
  • The legal restrictions and ramifications of monitoring legal and illegal activity

Page 77

Managerial Issues
1. Have we budgeted enough for security?
• Most organizations spend only a small percentage of their budgets on network security, have fairly few staff working on network security issues, and generally relegate network security matters to personnel on the lower rungs of the organizational ladder.
• Because the consequences of poor network security can be severe, it is imperative that senior management have a basic understanding of best practices in network risk management.

Page 78

Managerial Issues
2. What are the business consequences of poor security?
• Damage to technical and information assets
• Theft of information and information services
• Temporary loss of a Web site and Internet access
• Loss of income
• Litigation brought by dissatisfied organizational stakeholders
• Loss of customer confidence
• Damaged reputation and credibility

Page 79

Managerial Issues
3. Which e-commerce sites are vulnerable to attack?
• Security through obscurity does not work: because of the prevalence of automated scanning tools, it will be a matter of days before hackers discover your site.
• All sites should thoroughly review their security requirements and institute stronger measures to guard against high-priority threats.

Page 80

Managerial Issues
4. What is the key to establishing strong e-commerce security?
• It is the business that counts, not the technology.
• Business requirements determine information requirements.
• Once the information requirements are known, you can begin to understand the value of those assets and the steps that should be taken to secure those that are most valuable and most vulnerable.

Page 81

Managerial Issues
5. What steps should businesses follow in establishing a security plan?
• Security is an ongoing, closed-loop process.
• By monitoring our existing policies and measures, we can determine which are successful or unsuccessful and which should be modified or eliminated.
• Monitor changes in business requirements, changes in technology and the way it is used, and changes in the ways people can attack our systems and networks.

Page 82

Managerial Issues
6. Should organizations be concerned with internal security threats?
• Except for viruses and worms, breaches perpetrated by insiders are more prevalent than those perpetrated by outsiders.
• Security policies and measures for EC sites need to address these insider threats.

Page 83

Summary (I)
1. Trends in computer attacks
• Computer and network attacks are still a substantial problem that can result in sizeable economic losses.
2. Security is everyone's business
• Because the Internet serves as the control system for many critical infrastructures, security is a complex task requiring action at multiple levels, including home users and small businesses, large enterprises, critical sectors and infrastructure, and national and international agencies.

Page 84

Summary (II)
3. Basic security issues
• Authentication: verify the identity of the participants in a transaction
• Authorization: ensure that a person or process has access rights to particular systems or data
• Auditing: be able to determine whether particular actions have been taken, and by whom
• Confidentiality: ensure that information is not disclosed to unauthorized individuals, systems, or processes
• Integrity: protect data from being altered or destroyed
• Availability: ensure that data and services are available when needed
• Nonrepudiation: the ability to prevent parties from denying that a legitimate transaction took place

Page 85

Summary (III)
4. Basic types of network security attacks
• Nontechnical (social engineering): a perpetrator tricks people into revealing information or performing actions that compromise network security
• Technical: software and systems expertise are used to attack the network
  • DoS and DDoS attacks bring operations to a halt by sending floods of data to target computers or to as many computers on the Internet as possible
  • Malicious code attacks include viruses, worms, Trojan horses, or some combination of these

Page 86

Summary (IV)
5. Trends in malicious code
• An increase in the speed and volume of attacks
• A shorter time between the discovery of a vulnerability and the release of an attack that exploits it
• The growing use of bots to launch attacks
• An increase in attacks on Web applications
• A shift in the motivation behind attacks toward illicit financial gain
6. Managing EC security
• Identification and valuation of key computer and network assets
• Assessment of the security threats, vulnerabilities and risks associated with those assets
• Selection, evaluation, and implementation of a set of security policies and measures to reduce high-priority threats, vulnerabilities, and risks

Page 87

Summary (V)
7. Securing EC communications
• Authentication can be established with something one knows (e.g., a password), something one has (e.g., a token), or something one is (e.g., a fingerprint)
• Biometric systems (fingerprint scanners, iris scanners, facial recognition, and voice recognition) can be used to confirm a person's identity
• Public key infrastructure (PKI) uses public-key encryption (a public and a private key) to ensure privacy and integrity, and digital signatures to ensure authenticity and nonrepudiation
• Digital signatures are themselves authenticated through a system of digital certificates issued by certificate authorities (CAs)

Page 88

Summary (VI)
8. Technologies for securing networks
• A firewall is a combination of hardware and software that isolates a private network from a public network
  • A packet-filtering router uses a set of rules to determine which packets can move from the outside network to the inside network
  • An application-level proxy accepts requests from the outside and repackages each request before sending it to the inside network, so that no packet from the outside reaches the inside network unchanged
• Personal firewalls are needed by individuals with broadband access

Page 89

Summary (VII)
8. Technologies for securing networks (continued)
• VPNs are generally used to support secure site-to-site transmissions across the Internet between B2B partners, or communications between a mobile or remote worker and a LAN at a central office
• IDSs are used to monitor activity across a network or on a host; the systems watch for suspicious activity and take automated actions whenever a security breach or attack occurs
• Honeynets and honeypots are employed to gather information on intrusions and to analyze the types and methods of attacks being perpetrated