Security Threats to Electronic Commerce. Objectives Important computer and electronic commerce...

Security Threats toElectronic Commerce

Objectives

Important computer and electronic commerce security terms

Why secrecy, integrity, and necessity are three parts of any security program

The roles of copyright and intellectual property and their importance in any study of electronic commerce

Objectives

Threats and counter measures to eliminate or reduce threats

Specific threats to client machines, Web servers, and commerce servers

Roles encryption and certificates play

Security Overview

Many fears to overcomeIntercepted e-mail messagesUnauthorized access to digital intelligenceCredit card information falling into the wrong

handsTwo types of computer security

Physical - protection of tangible objectsLogical - protection of non-physical objects

Security Overview

Countermeasures: physical or logical procedures that recognize, reduce, or eliminate a threat

Computer Security Classification

Secrecy/ConfidentialityProtecting against unauthorized data disclosure and

ensuring the authenticity of the data’s source

Privacy The ability to ensure the use of information about

oneself

IntegrityPreventing unauthorized data modification by an

unauthorized party

NecessityPreventing data delays or denials (removal)

Computer Security Classification

Nonrepudiation Ensure that e-commerce participants do not

deny (i.e., repudiate) their online actionsAuthenticity

The ability to identify the identity of a person or entity with whom you are dealing on the Internet

Copyright and Intellectual Property

CopyrightProtecting expression

Literary and musical worksPantomimes and choreographic worksPictorial, graphic, and sculptural worksMotion pictures and other audiovisual worksSound recordingsArchitectural works

Copyright and Intellectual Property

Intellectual propertyThe ownership of ideas and control over the

tangible or virtual representation of those ideas

U.S. Copyright Act of 1976Protects previously stated items for a fixed

period of timeCopyright Clearance Center

Clearinghouse for U.S. copyright information

Intellectual Property Threats

The Internet presents a tempting target for intellectual property threatsVery easy to reproduce an exact copy of

anything found on the InternetPeople are unaware of copyright restrictions,

and unwittingly infringe on themFair use allows limited use of copyright material

when certain conditions are met

Designing systems that are neither over-controlled nor under-controlled

Applying quality assurance standards in large systems projects

MANAGEMENT CHALLENGES

• Advances in telecommunications and computer software

• Unauthorized access, abuse, or fraud

• Hackers

• Denial of service attack

• Computer virus

Why Systems are Vulnerable

Telecommunication Network Vulnerabilities

Figure 14-1

DisasterDestroys computer hardware,

programs, data files, and other equipment

SecurityPrevents unauthorized access,

alteration, theft, or physical damage

Concerns for System Builders and Users

Errors• Cause computers to disrupt or

destroy organization’s record-keeping and operations

Concerns for System Builders and Users

BugsProgram code defects or errors

Maintenance NightmareMaintenance costs high due to

organizational change, software complexity, and faulty system analysis and design

System Quality Problems: Software and Data

Points in the Processing Cycle where Errors can Occur

Figure 14-2

Data Quality Problems

• Caused due to errors during data input or faulty information system and database design

The Cost of Errors over the Systems Development Cycle

Figure 14-3

Controls

• Methods, policies, and procedures

• Ensures protection of organization’s assets

• Ensures accuracy and reliability of records, and operational adherence to management standards

Overview

General controls

• Establish framework for controlling design, security, and use of computer programs

• Include software, hardware, computer operations, data security, implementation, and administrative controls

General Controls and Application Controls

Security Profiles for a Personnel System

Figure 14-4

Application controls

• Unique to each computerized application

• Include input, processing, and output controls

General Controls and Application Controls

• On-line transaction processing: Transactions entered online are immediately processed by computer

• Fault-tolerant computer systems: Contain extra hardware, software, and power supply components

Protecting the Digital Firm

• High-availability computing: Tools and technologies enabling system to recover from a crash

• Disaster recovery plan: Runs business in event of computer outage

• Load balancing: Distributes large number of requests for access among multiple servers

• Mirroring: Duplicating all processes and transactions of server on backup server to prevent any interruption

• Clustering: Linking two computers together so that a second computer can act as a backup to the primary computer or speed up processing

Protecting the Digital Firm

Security Threats in the E-commerce Environment

Three key points of vulnerability the client communications pipeline the server

Vulnerable Points in an E-commerce Environment

Electronic Commerce Threats

Client ThreatsActive Content

Java applets, Active X controls, JavaScript, and VBScript

Programs that interpret or execute instructions embedded in downloaded objects

Malicious active content can be embedded into seemingly innocuous Web pages -- launched when you use your browser to view the page

Electronic Commerce Threats

Client Threats -- Cookiesremember user names, passwords, and other

commonly referenced informationExercise

Go to “cookie FAQs” on text links page or: http://www.cookiecentral.com/faq/

Are cookies dangerous?How did they get to be called “cookies?”What are the benefits of cookies?

Graphics, Plug-ins, andE-mail Attachments

Code can be embedded into graphic images causing harm to your computer

Plug-ins are used to play audiovisual clips, animated graphicsCould contain ill-intentioned commands

hidden within the objectE-mail attachments can contain

destructive macros within the document

Communication Channel Threats

Secrecy ThreatsSecrecy is the prevention of unauthorized

information disclosure - technical issuePrivacy is the protection of individual rights

to nondisclosure - legal issue regarding rightsTheft of sensitive or personal information is a

significant dangerYour IP address and browser you use are

continually revealed while on the web

Communication Channel Threats

AnonymizerA Web site that provides a measure of

secrecy as long as it’s used as the portal to the Internet

http://www.anonymizer.comCheck out “Here’s what we know about you”

Integrity ThreatsAlso known as active wiretappingUnauthorized party can alter data

Change the amount of a deposit or withdrawal

Communication Channel Threats

Necessity ThreatsAlso known as delay or denial threatsDisrupt normal computer processing

Deny processing entirelySlow processing to intolerably slow speedsRemove file entirely, or delete information

from a transmission or fileDivert money from one bank account to

another

Server Threats

The more complex software becomes, the higher the probability that errors (bugs) exist in the code

Servers run at various privilege levelsHighest levels provide greatest access and

flexibilityLowest levels provide a logical fence around

a running program

Server Threats

Contents of a server’s folder names are revealed to a Web browser

Cookies should never be transmitted unprotected

Sensitive files such as username and password pairs or credit card numbers

Hacking and Cracking -- the Web server administrator is responsible for ensuring that all sensitive files, are secure

Database Threats

Once a user is authenticated to a database, selected database information is visible to the user.

Security is often enforced through the use of privileges

Some databases are inherently insecure and rely on the Web server to enforce security measures

Other Threats

Common Gateway Interface (CGI) ThreatsCGIs are programs that present a security

threat if misusedCGI programs can reside almost anywhere on

a Web server and therefore are often difficult to track down

CGI scripts do not run inside a sandbox, unlike JavaScript

Other Threats

Other programming threats includePrograms executed by the serverBuffer overruns can cause errorsRunaway code segments

The Internet Worm attack was a runaway code segment

Buffer overflow attacks occur when control is released by an authorized program, but the intruder code instructs control to be turned over to it

Tools Available to Achieve Site Security

Encryption Transforms plain text or data into cipher

text that cannot be read by anyone outside of the sender and the receiver. Purpose: to secure stored information to secure information transmission.

Cipher text text that has been encrypted and thus cannot

be read by anyone besides the sender and the receiver

Symmetric Key Encryption DES standard most widely used

Encryption Public key cryptography

uses two mathematically related digital keys: a public key and a private key.

The private key is kept secret by the owner, and the public key is widely disseminated.

Both keys can be used to encrypt and decrypt a message.

A key used to encrypt a message, cannot be used to unencrypt the message

Public Key Cryptography - A Simple Case

Public Key Cryptography with Digital Signatures

Public Key Cryptography: Creating a Digital Envelope

Securing Channels of Communications

Secure Sockets Layer (SSL) is the most common form of securing channels

Secure negotiated sessionclient-server session where the requested

document URL, contents, forms, and cookies are encrypted.

Session key is a unique symmetric encryption key chosen for a single secure session

Secure Negotiated Sessions Using SSL

Securing Channels of Communications

Secure Hypertext Transfer Protocol (S-HTTP)secure message-oriented

communications protocol for use with HTTP.

Virtual Private Networks (VPN) remote users can securely access internal

networks via Point-to-Point Tunneling Protocol (PPTP)

Protecting Networks Firewalls

software applications that act as a filter between a private network and the Internet

Proxy serverserver that handles all communications

originating from or being sent to the Internet, acting as a spokesperson or bodyguard for the organization

Policies, Procedures, and Laws

Developing an e-commerce security plan perform a risk assessment develop a security policy develop an implementation plan create a security organization perform a security audit

Tension Between Security and Other Values

Ease of use Often security slows down processors and

adds significantly to data storage demands. Too much security can harm profitability; not enough can mean going out of business.

Public Safety & Criminal Use claims of individuals to act anonymously vs.

needs of public officials to maintain public safety in light of criminals or terrorists.

Security Policy andIntegrated Security

Security policy is a written statement describing what assets are to be protected and why, who is responsible, which behaviors are acceptable or notPhysical securityNetwork securityAccess authorizationsVirus protectionDisaster recovery

Specific Elements of a Security Policy

AuthenticationWho is trying to access the site?

Access ControlWho is allowed to logon and access the site?

SecrecyWho is permitted to view selected information

Data integrityWho is allowed to change data?

AuditWhat and who causes selected events to

occur, and when?

Computer Emergency Response Team (CERT)

Housed at Carnegie Mellon University

Responds to security events and incidents within the U.S. government and private sector

Some questions Can internet security measures actually create

opportunities for criminals to steal? How? Why are some online merchants hesitant to ship to

international addresses? What are some steps a company can take to

thwart cyber-criminals from within a business? Is a computer with anti-virus software protected

from viruses? Why or why not? What are the differences between encryption and

authentication? Discuss the role of administration in implementing

a security policy?

Group Exercise

Given the shift to m-commerce, identify and discuss the new security threats to this type of technology?

What are some of the non-security impacts on society?

Select a reporter and give a brief synopsis of your views to the class.