Upload
skylinecollege
View
217
Download
0
Embed Size (px)
Citation preview
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 1/24
E-business - 6
Threats to e-Business
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 2/24
Intellectual Property Threats
Three problem related to intellectualproperty:
Cybersquatting Name changing
Name Stealing
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 3/24
Cyber squatting Is practice of registering a domain name that is the
trademar of another person or company in the hopesthat the o!ner !ill pay huge amount of money toacquire the "#$
The "%S anticybersquating Consumer protection &ct &lso no! as the trademar cyberpiracy Pre'ention &ct%
Protects the trademared names o!ned by corporationsform being registered as domain names by other parties
&ny parties found guilty of cybresquanting can be heldliable for damages of up to ()**+*** per trademar%
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 4/24
Name Changing
,ccurs !hen someone registers purposelymisspelled 'ariations of !ell-no!n domain name
These 'ariants sometime lure consumers !ho mae
typographical errors !hen entering "#$ There is no la! to go'ern this issue
& companys best defense is to register as many as'ariations in product and company spellings as
possible !ith &nticybersquatting ConsumerProtection &ct%
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 5/24
Name Stealing
,ccurs !hen someone posing as a sitesadministrator changes the o!nership of the sitesassigned domain name to another site and o!ner%
"sually happens only !hen safeguards are not inplace
The o!nership changes occur !ithout noticebecause it is automated
,ccur !hen domain names registrars securityprocedures can be faulty
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 6/24
Protecting Intellectual Property
" S .epartment of /ustice maintains thecybercrime site to pro'ide information and updateon
0acing Soft!are piracy
$atest security information
,n cyber crime
Protecting intellectual property right
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 7/24
.igital !atermar
1atermar is a digital code embedded in adigital image to protect content
2lue Spie produces a !atermaring system
called 3io'ani &uthenticates the copyright
Pro'ide copy control
Copy control electronic mechanism for limiting thenumber of copies that one can mae of a digital !or
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 8/24
Threats to the Security of Client
computer 1. Active Content
#efers to programs that are embedded in !eb
pages and that cause action to occur Cracer intent on doing mischief to client
computers by embedding malicious acti'econtent in !eb page
Called Tro/an 0orse Program hidden inside another program or !eb
page that mass its true propose
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 9/24
&cti'e Content Cont%%
& Tro/an horse can Send pri'ate information of the clients computer
Could alter or erase information on the clientscomputer
To a'oid Tro/an horses do not do!nload and installsoft!are from sources that you do not trust4 also
mae use of fire!alls to bloc illegitimateingoing5outgoing traffic
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 10/24
Cont%%
2. Cookies Cooies do not harm client machine directly
they can lead to security 'iolation
Either user can disable cooies entirely butthen user required to enter information eachtime they re'isit a !ebsite
&nd sometime to get full access of any !eb
site cooies are required That is !hy !e cannot disable cooies
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 11/24
Cooies cont%%
¬her approach is to use cooie blocer
1hich pre'ents cooies storage selecti'ely by &llo!ing user to bloc cooies from the !eb ser'ers
that load ad'ertising into !eb page
&llo!ing good7 cooies and denying all other
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 12/24
Cont%%
3. Steganography
Process of hiding information !ithin anotherpiece of information
This information resides in the bacground andis undetectable by anyone !ithout the correctdecoding soft!are
8any security analysts belie'e that the terroristorganisation &l 9aeda use steganography tohide information regarding their acti'ity inimages%
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 13/24
Client Computer Security
& virus is soft!are that attaches itself to anotherprogram
& worm is a type of 'irus that replicates itself on the
computer it affectsEmail attachments may include !ord processing
files+ spreadsheets+ databases+ images !hich maycontain 'iruses
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 14/24
Cont%%
To counteract 'iruses Ensure you ha'e installed the latest security
patches &lso ensure that you are running the latest &nti'irus soft!are !ith the latest 'irus updates
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 15/24
Protecting Client Computer
.igital certificate no!n as digital I.+ is an attachment to an
email message or program embedded in a !ebpage that 'erifies that sender or !ebsite is !hoor !hat it claim to be
Ser'e the same function as a photo on passport
Certificate authority issues a digital certificate
,ldest and famous C& is ;eriSign
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 16/24
Cont%%
A signature on a message is some data that 'alidates a message and 'erifies its origin a recei'er can eep as e'idence a third party can use to resol'e disputes
Si< main element of digital certificate Certificate o!ners identification information ,!ners public ey ;alidity date Serial number Name of issuer .igital signature of certificate issuer
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 17/24
Communication Channel Security
Confidentiality ensures that only o!ners of theshared ey can decrypt the message
Authentication ensures the identity of the person ateither end of a communication line are !ho they saythey are
Integrity ensures the message is not changedduring transit
Nonrepudiation ensures that the sender can notdeny sending the message
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 18/24
Cont%%
These assurances are pro'ided through thefollo!ing methods:
Public5Pri'ate eys ensure confidentiality
.igital signatures ensure nonrepudiation andauthentication
8essage authentication codes ensure data
integrity
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 19/24
Communication Channel Security
Communication channel threats come from'arious sources including: Sniffer Programs
2acdoors Cyber;andalism
8asquerading or Spoofing
.enial-of-Ser'ice
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 20/24
Cont%%
Sniffer !rograms These programs pro'ide a means of recording pacets
passing through a computer or router
It is similar to telephone line tappingSniffer programs can
#ead email messages
#ead user logins and pass!ords
#ead credit card numbers
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 21/24
Cont%%
"ackdoors Some e-commerce programs contain bacdoors
These bacdoors are left intentionally or
unintentionally by soft!are de'elopers 2acdoors pro'ide a !ay for an unauthorised user to
gain access to protected information including:Credit card information
Proprietary company information =!hich could be sold formillions to competitors>
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 22/24
Cont%%
Cy#er$andalism This is the electronic defacing of 1eb site pages
2y replacing regular content It is parallel to the spraying of graffiti on public
property
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 23/24
Cont%%
%as&uerading or Spoofing This is !hen a person impersonates someone else
E%g% pretending that a 1eb site belongs to someoneelse+ !hen it does not
&ny order entered on this ne! page could then bemodified =e%g% change the shipping address of thegoods> and sent to the original 1eb site%
8/15/2019 Threats to E-Business
http://slidepdf.com/reader/full/threats-to-e-business 24/24
Cont%%
'enialofService (hreat
This threat disrupts normal computerprocessing
?or e<ample a @ombie computer could be usedto flood a 1eb site !ith pacets
This pre'ented legitimate users from using the1eb site
This also may lead to a loss in business