Prentice Hall, 2002

E-Commerce Security

Notes based on Laudon&Laudon.

Learning Objectives

- Document the rapid rise in computer and network security attacks
- Understand the factors contributing to the rise in EC security breaches
- Explain the basic types of network security attacks

Learning Objectives (cont.)

- Discuss the major steps in developing a security risk management system
- Describe the major types of attacks against EC systems
- Discuss some of the major technologies for securing EC

Bringing Down an EC Site: Mere Child’s Play

- Distributed Denial of Service (DDoS) attacks inundate a site with so many requests that legitimate traffic is virtually halted
- The attacker uses software to send a flood of data packets at the target computer(s), aiming to exhaust its resources (bandwidth, connection tables, CPU)

Figure 13-1 Using Zombies in a Distributed Denial of Service Attack

Source: Scambray et al. (2000)

Bringing Down an EC Site: Mere Child’s Play (cont.)

Distributed Denial of Service (DDoS) attacks
- Zombie: a machine on which the DDoS software has been loaded without the owner’s knowledge. Typical zombies:
  - Home computers with cable modems or DSL service that are left on all the time
  - Business Web servers located outside the firewall
- The availability of free tools and scripts makes it easy to mount a DDoS attack

Figure 13-2 Attack Sophistication vs. Intruder Technical Knowledge

Source: Special permission to reproduce the CERT®/CC graphic © 2000 by Carnegie Mellon University, in Electronic Commerce 2002, in Allen et al. (2000).

The Need for Security

Data from the Computer Security Institute and the FBI indicate:
- Cyber attacks are on the increase
- Internet connections are increasingly a point of attack
- The variety of attacks is on the rise
- The reporting of serious crimes to law enforcement has declined

Table 13-2 Incidents and Vulnerabilities Reported to CERT

Figures from the Computer Emergency Response Team (CERT)

Why Now?

- Security systems are only as strong as their weakest points
- Security and ease of use (or implementation) are antithetical to one another
- Security takes a back seat to market pressures

Why Now? (cont.)

- The security of an EC site depends on the security of the Internet as a whole
- Security vulnerabilities are increasing faster than they can be combated
- Security is compromised by common applications

Basic Security Issues

Issues at a simple marketing site:

User’s perspective
- Is the Web server owned and operated by a legitimate company?
- Do the Web page and form contain malicious code?
- Will the Web server distribute the user’s information to another party?

Company’s perspective
- Will the user attempt to break into the Web server or alter the site?
- Will the user try to disrupt the server so it isn’t available to others?

Basic Security Issues (cont.)

Issues at a simple marketing site: user and company perspective
- Is the network connection free from eavesdropping?
- Has information sent back and forth between server and browser been altered?

Basic Security Issues (cont.)

Major security issues in EC
- Authentication: verifying who a party really is
- Authorization: deciding what an authenticated party is allowed to do
- Auditing: keeping a record of who did what, so it can be reviewed later
- Confidentiality or privacy: keeping data from being read by anyone not entitled to it
- Integrity: ensuring data is not altered without detection
- Availability: keeping the service usable by legitimate users
- Non-repudiation: preventing a party from later denying an action, such as placing an order

Security Risk Management

Required to determine security needs

4 phases of risk management
- Assessment
- Planning
- Implementation
- Monitoring

Definitions involved in risk management
- Assets: anything of value worth securing
- Threat: an eventuality representing danger to an asset
- Vulnerability: a weakness in a safeguard

Security Risk Management (cont.)

Assessment phase: evaluation of assets, threats, vulnerabilities
- Determine organizational objectives
- Inventory assets
- Delineate threats
- Identify vulnerabilities
- Quantify the value of each risk

Table 13-3 Security Risks for EC & Other Internet Sites

Security Risk Management (cont.)

Planning phase of risk management: arrive at a set of security policies
- Define specific policies
- Establish processes for audit and review
- Establish an incident response team and contingency plan

Security Risk Management (cont.)

- Implementation phase of risk management: choose particular technologies to deal with high-priority threats
- Monitoring phase of risk management: ongoing processes used to determine which measures are successful, which are unsuccessful, and which need modification

Types of Threats and Attacks

Nontechnical vs. technical attacks

Steps in a hacker’s attack
1. Discover the key elements of the network
2. Scan for vulnerabilities
3. Hack in and gain administrator privileges
4. Disable auditing and remove traces from log files
5. Steal files, modify data, steal source code, etc.
6. Install back doors, etc., to permit undetected re-entry
7. Return at will to do more damage

Types of Threats and Attacks (cont.)

The players
- Hackers
- Crackers
- Script kiddies

Systems and software bugs and misconfigurations

Types of Threats and Attacks (cont.)

- Denial-of-service (DoS) attacks
  - Ping of death
  - Smurf attack
  - SYN flood
  - IP fragmentation (teardrop, bonk, boink, nestea, and others)
- DNS spoofing
- Buffer overflows
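As an added example, not part of the Laudon & Laudon slides: a small detector that flags SYN-flood activity in a TCP segment log. The log format, the addresses and every sample line are constructed here for illustration, and the thresholds are assumed values rather than recommendations. The point it makes beyond the bullet is that a flood from real addresses and a flood from spoofed addresses look different in the data, so the detector counts half-open handshakes both per source and per target.

```python
"""Flag SYN-flood activity in a TCP segment log (added example, constructed data).

Each log record is "epoch_seconds src dst:port flags", where flags is a string
of TCP flag letters (S = SYN, A = ACK).  A SYN flood leaves many handshakes
half-open: SYNs arrive, but the client never sends the completing ACK.  We
count unanswered SYNs inside a time window, both per source (non-spoofed
floods) and per target (spoofed floods, where each source sends one SYN).
"""
from collections import defaultdict

# Constructed sample log: two clients that complete their handshakes,
# one client that opens six connections and never completes them, and
# 25 spoofed sources that each send a single SYN to a second Web server.
SAMPLE_LOG = "\n".join(
    [
        "1000.00 203.0.113.5 198.51.100.10:443 S",
        "1000.01 203.0.113.5 198.51.100.10:443 A",
        "1000.05 203.0.113.9 198.51.100.10:443 S",
        "1000.06 203.0.113.9 198.51.100.10:443 A",
    ]
    + [f"1000.{20 + i:02d} 192.0.2.77 198.51.100.10:443 S" for i in range(6)]
    + [f"1001.{i:02d} 10.{i}.{i}.{i} 198.51.100.20:80 S" for i in range(25)]
)


def parse_line(line):
    """Split one record into (timestamp, src, dst, flags)."""
    ts, src, dst, flags = line.split()
    return float(ts), src, dst, flags


def half_open(log_text, window=5.0):
    """Return {(src, dst): n} unanswered SYNs within `window` seconds of the last record."""
    pending = defaultdict(list)  # (src, dst) -> timestamps of SYNs not yet ACKed
    last_ts = 0.0
    for line in log_text.strip().splitlines():
        ts, src, dst, flags = parse_line(line)
        last_ts = max(last_ts, ts)
        key = (src, dst)
        if "S" in flags and "A" not in flags:   # pure SYN: a new handshake
            pending[key].append(ts)
        elif "A" in flags and pending[key]:      # ACK completes the oldest open one
            pending[key].pop(0)
    cutoff = last_ts - window
    return {
        key: sum(1 for t in stamps if t >= cutoff)
        for key, stamps in pending.items()
        if any(t >= cutoff for t in stamps)
    }


def detect_syn_flood(log_text, per_source=5, per_target=20, window=5.0):
    """Return (suspect sources, flooded targets); thresholds are assumed values."""
    opened = half_open(log_text, window)
    suspects = sorted({src for (src, _), n in opened.items() if n >= per_source})
    per_dst = defaultdict(int)
    for (_, dst), n in opened.items():
        per_dst[dst] += n          # spoofed floods only show up in this aggregate
    targets = sorted(dst for dst, n in per_dst.items() if n >= per_target)
    return suspects, targets


if __name__ == "__main__":
    print(detect_syn_flood(SAMPLE_LOG))
```

The per-source count is blind to a spoofed flood, where every address appears only once; that is why the target-wide count matters, and why the response to it (SYN cookies on the server, rate limiting upstream) cannot rely on blocking individual sources. A real deployment would age out entries continuously rather than evaluating one window at the end of the log.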

Types of Threats and Attacks (cont.)

- Input validation attacks
- Intercepted transmissions
- Malicious code
  - Viruses
  - Worms
  - Macro viruses and macro worms
  - Trojan horses
  - Malicious mobile code
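The slide names input validation attacks without showing one. As an added example (not from the slides), here is the most common form an EC site meets, SQL injection, with the vulnerable lookup beside its hardened form. The database, the table, the rows and the attacker payload are all constructed for the example.

```python
"""Input validation attack: SQL injection, vulnerable vs hardened (added example).

Uses an in-memory SQLite database with constructed rows.  The vulnerable
lookup builds the SQL statement by string concatenation, so a crafted e-mail
address changes the query's logic; the hardened version passes the value as a
bound parameter and, as defence in depth, rejects input that does not look
like an e-mail address before it reaches the database.
"""
import re
import sqlite3

EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")

# Attacker-supplied "e-mail address" (constructed).  The quote closes the string
# literal and the OR makes the WHERE clause true for every row.
PAYLOAD = "x' OR '1'='1"


def make_db():
    """Create the sample customers table (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, email TEXT, card_last4 TEXT)")
    conn.executemany(
        "INSERT INTO customers (email, card_last4) VALUES (?, ?)",
        [("alice@example.com", "4242"), ("bob@example.com", "0005")],
    )
    return conn


def lookup_vulnerable(conn, email):
    """VULNERABLE: user input is spliced into the SQL text."""
    sql = "SELECT email, card_last4 FROM customers WHERE email = '" + email + "'"
    return conn.execute(sql).fetchall()


def is_plausible_email(value):
    """Allow-list check: only accept strings shaped like an e-mail address."""
    return bool(EMAIL_RE.match(value))


def lookup_safe(conn, email):
    """Hardened: validate first, then bind the value as a parameter."""
    if not is_plausible_email(email):
        return []
    return conn.execute(
        "SELECT email, card_last4 FROM customers WHERE email = ?", (email,)
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", lookup_vulnerable(db, PAYLOAD))  # every customer's data
    print("safe:      ", lookup_safe(db, PAYLOAD))        # nothing
```

The parameter binding is the actual fix; the allow-list check is a second layer that also stops the input from reaching any other component (log files, HTML pages) that might interpret it.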

Security Technologies

Tools available to achieve site security
- Encryption
- Network security protocols
- Virtual private networks and tunneling
- Firewalls and proxy systems
- Host security tools
- Policies and management: access control, authentication, monitoring and intrusion detection

Figure 14-2 Private Key Encryption (symmetric encryption: the same shared secret key both encrypts and decrypts)

Public Key Encryption

- Public key (asymmetric) encryption: RSA algorithm. Security depends on the size of the key; longer keys are stronger but slower
- Symmetric encryption: Rijndael algorithm (selected as AES in 2001). Much faster than RSA, so in practice public key encryption is used to exchange a symmetric session key and Rijndael/AES encrypts the actual data

Security for E-Payments (cont.)

Digital Signatures: authenticity and nondenial
- Analogous to a handwritten signature
- Based on public key cryptography: the signer signs with the private key, and anyone holding the matching public key can verify
- Used to:
  - Authenticate the identity of the sender of a message or document
  - Ensure the original content of the electronic message or document is unchanged

Security for E-Payments (cont.)

Digital Signatures: authenticity and nondenial (cont.)

Benefits:
- Portable
- Cannot be easily repudiated or imitated
- Can be time stamped

Figure 14-4 Digital Signatures

Security for E-Payments (cont.)

Digital certificates
- Identify the holder of a public key (key-exchange key)
- Issued by a trusted certificate authority (CA)

Example certificate contents:
  Name: “Richard”
  Key-Exchange Key:
  Signature Key:
  Serial #: 29483756
  Other Data: 10236283025273
  Expires: 6/18/04
  Signed: CA’s Signature

Security for E-Payments (cont.)

Secure Sockets Layer / Transport Layer Security
- Secure Sockets Layer (SSL): handled by the Web browser and server, utilizing CAs and data encryption
  - Encryption
  - Digital certificates
  - Digital signatures
- The IETF took over SSL in 1996 and published it as Transport Layer Security (TLS) in 1999 (RFC 2246). SSL/TLS sits above TCP and below the application protocol (HTTPS is HTTP over TLS), so each application has to use it explicitly
- IPsec: security extensions to the IP protocol itself, operating at the network layer, so it protects all traffic between two hosts or gateways regardless of application

SSL

Secure Sockets Layer (SSL)
- SSL/TLS authenticates the server (via its certificate) and encrypts the session, but it provides no payment gateway
- The merchant receives the ordering information and the credit card details in the clear on its own systems and initiates the capture itself, so card data is only as safe as the merchant’s server

Security Technologies

Firewalls and access control
- Firewall: a network node that isolates a private network from the public network
  - Packet-filtering routers
  - Application-level proxies
  - Screened host firewall

Figure 13-6 Application-Level Proxy (Bastion Gateway Host)

Figure 13-7 Screened Host Firewall

Figure 13-8 Screened Subnet Firewall (with DMZ)
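As an added example (not from the slides or Figure 13-8 itself), the packet-filtering rules a screened-subnet firewall would carry for a small EC site: a Web server in the DMZ, a database on the internal LAN, first-match evaluation with a default deny. The topology, the addresses, the rule table and the sample packets are all constructed for the example.

```python
"""Stateless packet filter for a screened-subnet (DMZ) layout (added example).

Assumed topology (constructed addresses):
  Internet --[ext]-- outer router --[dmz]-- DMZ: Web server 198.51.100.10
                                  --[int]-- LAN 10.0.0.0/24: database 10.0.0.5
Rules are evaluated first-match with an implicit final deny, as on a
packet-filtering router.  `iface` is the interface a packet arrives on, which
is what lets the filter drop spoofed packets that claim an inside source.
"""
from ipaddress import ip_address, ip_network
from typing import NamedTuple, Optional


class Packet(NamedTuple):
    src: str
    dst: str
    proto: str
    dport: int
    iface: str          # "ext", "dmz" or "int": where the packet arrived


class Rule(NamedTuple):
    action: str                 # "allow" or "deny"
    iface: Optional[str]        # None = any interface
    src: str                    # CIDR
    dst: str                    # CIDR
    proto: Optional[str]        # None = any protocol
    dport: Optional[int]        # None = any port


RULES = [
    # Anti-spoofing: inside addresses never legitimately arrive from the Internet.
    Rule("deny",  "ext", "10.0.0.0/24",      "0.0.0.0/0",        None,  None),
    Rule("deny",  "ext", "198.51.100.0/24",  "0.0.0.0/0",        None,  None),
    # Internet may reach the DMZ Web server on HTTPS and HTTP only.
    Rule("allow", None,  "0.0.0.0/0",        "198.51.100.10/32", "tcp", 443),
    Rule("allow", None,  "0.0.0.0/0",        "198.51.100.10/32", "tcp", 80),
    # Only the Web server may reach the database, and only on its service port.
    Rule("allow", None,  "198.51.100.10/32", "10.0.0.5/32",      "tcp", 5432),
    # Everything else bound for the LAN, from the Internet or the DMZ, is dropped.
    Rule("deny",  None,  "0.0.0.0/0",        "10.0.0.0/24",      None,  None),
    # LAN hosts may open outbound TCP connections.
    Rule("allow", "int", "10.0.0.0/24",      "0.0.0.0/0",        "tcp", None),
]


def matches(rule, pkt):
    return (
        (rule.iface is None or rule.iface == pkt.iface)
        and ip_address(pkt.src) in ip_network(rule.src)
        and ip_address(pkt.dst) in ip_network(rule.dst)
        and (rule.proto is None or rule.proto == pkt.proto)
        and (rule.dport is None or rule.dport == pkt.dport)
    )


def decide(pkt, rules=RULES):
    """Return (action, index of the matching rule); None index = implicit default deny."""
    for i, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule.action, i
    return "deny", None


SAMPLE_PACKETS = [  # constructed
    Packet("203.0.113.7",   "198.51.100.10", "tcp", 443,  "ext"),  # customer -> Web
    Packet("203.0.113.7",   "10.0.0.5",      "tcp", 5432, "ext"),  # Internet -> DB directly
    Packet("198.51.100.10", "10.0.0.5",      "tcp", 5432, "dmz"),  # Web -> DB
    Packet("198.51.100.10", "10.0.0.5",      "tcp", 22,   "dmz"),  # compromised Web -> DB ssh
    Packet("10.0.0.5",      "198.51.100.10", "tcp", 443,  "ext"),  # spoofed inside source
    Packet("10.0.0.20",     "203.0.113.7",   "tcp", 443,  "int"),  # LAN browsing out
    Packet("203.0.113.7",   "198.51.100.10", "udp", 53,   "ext"),  # unlisted service
]

if __name__ == "__main__":
    for pkt in SAMPLE_PACKETS:
        print(pkt, "->", decide(pkt))
```

The value of the DMZ shows in the fourth packet: a compromised Web server still cannot reach the database on anything but its service port, and cannot reach any other LAN host at all. A stateless filter like this one does not know which packets belong to an established connection, so return traffic for the LAN’s outbound connections needs either an "established" rule keyed on the ACK bit or stateful inspection; the application-level proxy of Figure 13-6 avoids the problem by terminating connections itself.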

Security Technologies (cont.)

Virtual private networks (VPNs): use the public Internet to carry information while keeping it private
- Encryption: scramble communications so eavesdroppers learn nothing
- Authentication and integrity checks: ensure information comes from a legitimate source and has not been tampered with in transit
- Access control: verify the identity of anyone using the network and restrict what they may reach

Security Technologies (cont.)

Protocol tunneling: carry one protocol’s packets inside another so that, combined with encryption and integrity checks, the data’s confidentiality and integrity are protected in transit
- Point-to-Point Tunneling Protocol (PPTP)
- Layer 2 Tunneling Protocol (L2TP)
- Neither protocol is a security mechanism on its own: L2TP provides no encryption and is normally run over IPsec (L2TP/IPsec), and PPTP’s built-in authentication and encryption (MS-CHAP, MPPE) have since been shown to be breakable

Intrusion Detection Systems (IDS)

Managerial Issues

- Recognize the business consequences of poor security
- Security through obscurity doesn’t work
- It’s the business that counts, not the technology
- Security is an ongoing, closed-loop process
- Even for EC sites, internal breaches are more prevalent than external breaches