04-1 E-commerce Security slides


Transcript of 04-1 E-commerce Security slides

Page 1: 04-1 E-commerce Security slides

e-commerce: business. technology. society. (eighth edition)

Kenneth C. Laudon and Carol Guercio Traver

Chapter 4: E-commerce Security and Payment Systems

Copyright © 2012 Pearson Education

Class Discussion

Cyberwar: Mutually Assured Destruction (MAD)

• What is the difference between hacking and cyberwar?
• Why has cyberwar become more potentially devastating in the past decade?
• What percentage of computers have been compromised by stealth malware programs?
• Will a political solution to MAD 2.0 be effective enough?

• Cyberwar is a much more serious threat to the infrastructure of an entire nation
• Because highly developed nations have relied more on the Internet for business, government, and industrial and utility controls
• 10%
• Probably not


Computer-generated Simulation of a DDoS Attack

Learning Objectives

• Understand the scope of e-commerce crime and security problems
• Describe the key dimensions of e-commerce security
• Understand the tension between security and other values
• Identify the key security threats in the e-commerce environment
• Describe how technology helps protect the security of messages sent over the Internet
• Identify the tools used to establish secure Internet communications channels and protect networks, servers, and clients
• Appreciate the importance of policies, procedures, and laws in creating security

The E-commerce Security Environment

• Overall size and losses of cybercrime unclear
  ◦ Reporting issues
• 2011 CSI survey: 46% of respondent firms detected breach in last year
• Underground economy marketplace:
  ◦ Stolen information stored on underground economy servers

Types of Attacks Against Computer Systems (Cybercrime)

Figure 4.1, Page 246

SOURCE: Based on data from Computer Security Institute, 2011

What Is Good E-commerce Security?

• To achieve highest degree of security
  ◦ New technologies
  ◦ Organizational policies and procedures
  ◦ Industry standards and government laws
• Other factors
  ◦ Time value of money
  ◦ Cost of security vs. potential loss
  ◦ Security often breaks at weakest link


The E-commerce Security Environment

Figure 4.2, Page 249

Dimensions of E-commerce Security

• Integrity: ability to ensure that information being displayed on a Web site or transmitted/received over the Internet has not been altered in any way by an unauthorized party
• Nonrepudiation: ability to ensure that e-commerce participants do not deny (repudiate) online actions
• Authenticity: ability to identify the identity of a person or entity with whom you are dealing on the Internet
• Confidentiality: ability to ensure that messages and data are available only to those authorized to view them
• Privacy: ability to control use of information a customer provides about himself or herself to merchant
• Availability: ability to ensure that an e-commerce site continues to function as intended


Table 4.3, Page 250

The Tension Between Security and Other Values

• Security vs. ease of use:
  ◦ The more security measures added, the more difficult a site is to use, and the slower it becomes
  ◦ Too much security can harm profitability, while not enough security can put you out of business
• Public safety and criminal uses of the Internet
  ◦ Use of technology by criminals to plan crimes or threaten nation-state
  ◦ The Internet is both anonymous and pervasive, an ideal communication tool for criminal and terrorist groups

Security Threats in the E-commerce Environment

• Three key points of vulnerability in e-commerce environment:
  1. Client
  2. Server
  3. Communications pipeline (Internet communications channels)


A Typical E-commerce Transaction

Figure 4.3, Page 253


Vulnerable Points in an E-commerce Transaction

Figure 4.4, Page 254

Most Common Security Threats in the E-commerce Environment

• Malicious code
  ◦ Viruses
  ◦ Worms
  ◦ Trojan horses
  ◦ Bots, botnets
• Unwanted programs
  ◦ Browser parasites
  ◦ Adware
  ◦ Spyware

Malicious Code

• Viruses:
  ◦ Replicate and spread to other files; most deliver “payload” (destructive or benign)
  ◦ Macro viruses, file-infecting viruses, script viruses
• Worms:
  ◦ Designed to spread from computer to computer
  ◦ Unlike a virus, can replicate without being executed by a user or program
• Trojan horse:
  ◦ Appears benign, but does something other than expected
• Bots:
  ◦ Covertly installed on computer; respond to external commands sent by attacker to create a network of compromised computers for sending spam, generating a DDoS attack, and stealing info from computers

Unwanted Programs

• Installed without user’s informed consent
  ◦ Browser parasites: can monitor and change settings of a user’s browser
  ◦ Adware: calls for unwanted pop-up ads
  ◦ Spyware: can be used to obtain information, such as a user’s keystrokes, e-mail, IMs, etc.

Most Common Security Threats (cont.)

• Social engineering
• Phishing
  ◦ Deceptive online attempt to obtain confidential information
  ◦ E-mail scams
  ◦ Spoofing legitimate Web sites
  ◦ Use of information to commit fraudulent acts (access checking accounts), steal identity


Phishing Mail Example

Most Common Security Threats (cont.)

• Hacking
  ◦ Hackers: individuals who intend to gain unauthorized access to computer systems
  ◦ Crackers: hackers with criminal intent
  ◦ Types of hackers:
    ▪ White hats – hired by a corporation to find weaknesses in the firm’s computer system
    ▪ Black hats – hackers with intention of causing harm
    ▪ Grey hats – hackers breaking in and revealing system flaws without disrupting site or attempting to profit from their finds
• Cybervandalism:
  ◦ Intentionally disrupting, defacing, destroying Web site
• Data breach
  ◦ When organizations lose control over corporate information to outsiders

Credit Card Fraud

• Fear of stolen credit card information deters online purchases
• U.S. federal law limits liability of individuals to $50 for a stolen credit card
• Hackers target credit card files and other customer information files on merchant servers; use stolen data to establish credit under false identity
• Online companies at higher risk than offline due to difficulty of guaranteeing true identity of customers
• “E-Sign” law giving digital signatures same authority as hand-written ones applies only to large corporations, but not to B2C e-commerce

Spoofing (Pharming) and Spam (Junk) Web Sites

• Spoofing (Pharming)
  ◦ Misrepresenting oneself by using fake e-mail addresses or masquerading as someone else
  ◦ Spoofing a Web site is called “pharming,” redirecting a Web link to another IP address different from the real one
  ◦ Threatens integrity (steal business from true site, or alter orders and send to true site), and authenticity (difficult to distinguish between true and fake Web address)
  ◦ Carried out by hacking local DNS servers
• Spam (Junk) Web sites
  ◦ Collection of advertisements for other sites, some of which contain malicious code
  ◦ Appear on search results, hiding their identities by using domain names similar to legitimate ones, and redirecting traffic to spammer domains, e.g., topsearch10.com

DoS and DDoS Attacks

• Denial of service (DoS) attack
  ◦ Hackers flood Web site with useless traffic to inundate and overwhelm network
  ◦ Use of bot networks built from hundreds of compromised workstations
• Distributed denial of service (DDoS) attack
  ◦ Hackers use multiple computers to attack target network from numerous launch points
  ◦ Microsoft and Yahoo have experienced such attacks

Denial of Service

[Diagram labels: Attacking System(s), Internet, Victim System. SOURCE: PETER SHIPLEY]

• Ping flooding
  ◦ Attacker sends a flood of pings to the intended victim
  ◦ The ping packets will saturate the victim’s bandwidth

Denial of Service

• Smurf attack
  ◦ Uses a ping packet with two extra twists
  ◦ Attacker chooses an unwitting victim
  ◦ Spoofs the source address
  ◦ Sends request to network in broadcast mode

[Diagram labels: Perpetrator, Internet, Innocent reflector sites, Victim. ICMP echo (spoofed source address of victim) sent to IP broadcast address; ICMP echo reply. ICMP = Internet Control Message Protocol. SOURCE: CISCO]

Bandwidth multiplication: a T1 (1.54 Mbps) can easily yield 100 Mbps of attack

1 SYN

10,000 SYN/ACKs -- VICTIM IS DEAD

DDoS Attack Illustrated

[Diagram labels across the six slides: Hacker, Scanning Program, Unsecured Computers, Zombies, Master Server, Targeted System, User, Internet]

1. Hacker scans Internet for unsecured systems that can be compromised
2. Hacker secretly installs zombie agent programs, turning unsecured computers into zombies
3. Hacker selects a Master Server to send commands to the zombies
4. Using client program, hacker sends commands to Master Server to launch zombie attack against a targeted system
5. Master Server sends signal to zombies to launch attack on targeted system
6. Targeted system is overwhelmed by bogus requests that shut it down for legitimate users (User: Request Denied)

Most Common Security Threats (cont.)

• Sniffing
  ◦ Eavesdropping program that monitors information traveling over a network
• Insider jobs: Single largest financial threat
• Poorly designed server and client software
  ◦ Due to increase in complexity and size of OS, application software, and browsers
• Social network security
  ◦ Social engineering attacks tempting visitors to FB pages to click on “bad-behavior” links
• Mobile platform threats
  ◦ Same risks as any Internet device
  ◦ Malware, botnets, vishing/smishing [discuss on textbook]

Technology Solutions

• Protecting Internet communications
  ◦ Encryption
• Securing channels of communication
  ◦ SSL, S-HTTP, VPNs
• Protecting networks
  ◦ Firewalls
• Protecting servers and clients


Tools Available to Achieve Site Security

Figure 4.7, Page 270

Encryption

• Encryption
  ◦ Transforms plain text data into cipher text readable only by sender and receiver
• Purpose: Secures stored information and information transmission
• Provides 4 of 6 key dimensions of e-commerce security:
  ◦ Message integrity – assurance that message hasn’t been altered
  ◦ Nonrepudiation – prevents user from denying sending the message
  ◦ Authentication – verification of identity of person (computer) sending the message
  ◦ Confidentiality – assurance that message was not read by others

Symmetric Key Encryption

• Also known as secret key encryption
• Sender and receiver use same digital key to encrypt and decrypt message
• Requires different set of keys for each transaction
• Strength of encryption
  ◦ Length of binary key used to encrypt data
• Advanced Encryption Standard (AES)
  ◦ Most widely used symmetric key encryption
  ◦ Uses 128-, 192-, and 256-bit encryption keys
• Other standards use keys with up to 2,048 bits


Symmetric Encryption and Decryption

© 2004 D. A. Menascé. All Rights Reserved.

Public Key Encryption

• Solves symmetric key encryption problem of having to exchange secret key
• Uses two mathematically related digital keys
  ◦ Public key (widely disseminated)
  ◦ Private key (kept secret by owner)
• Both keys used to encrypt and decrypt message
• Once a key is used to encrypt a message, the same key cannot be used to decrypt it
• E.g., sender uses recipient’s public key to encrypt message; recipient uses private key to decrypt it


Public Key Encryption and Decryption

© 2004 D. A. Menascé. All Rights Reserved.


Public Key Cryptography: A Simple Case

Figure 4.8, Page 276

Public Key Encryption using Digital Signatures and Hash Digests

• Public key encryption provides confidentiality, but not authentication, integrity, and non-repudiation
• Hash function:
  ◦ Mathematical algorithm that produces fixed-length number called message or hash digest
• Hash digest of message sent to recipient along with message to verify integrity
• Hash digest and message encrypted with recipient’s public key
• Entire cipher text then encrypted with sender’s private key—creating digital signature—for authenticity, non-repudiation
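
Added example (not part of the original slides): a hash digest and a digital signature computed with Node.js's built-in crypto module, showing that a changed message or a different signer's key fails verification. It covers the signing half only and leaves the message unencrypted; the sample order string, SHA-256 and the RSA-2048 key size are assumptions.

```javascript
// Added example: hash digest and digital signature with Node's built-in crypto.
const crypto = require("node:crypto");

// Constructed sample message (not from the slides).
const ORDER = "order=1001;item=book;amount=25.00;ship-to=Alice";

// Hash function: any input maps to a fixed-length digest (256 bits for SHA-256).
function digestHex(message) {
  return crypto.createHash("sha256").update(message, "utf8").digest("hex");
}

// Each party holds a mathematically related public/private key pair.
function newKeyPair() {
  return crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
}

// Sender: hash the message and sign the digest with the sender's private key.
function signMessage(message, senderPrivateKey) {
  return crypto.sign("sha256", Buffer.from(message, "utf8"), senderPrivateKey);
}

// Recipient: recompute the digest and check the signature with the sender's public key.
function verifyMessage(message, signature, senderPublicKey) {
  return crypto.verify("sha256", Buffer.from(message, "utf8"), senderPublicKey, signature);
}

function signatureDemo() {
  const sender = newKeyPair();
  const impostor = newKeyPair(); // a second, unrelated key pair
  const signature = signMessage(ORDER, sender.privateKey);
  const tampered = ORDER.replace("25.00", "2500.00"); // altered in transit
  return {
    digestBits: digestHex(ORDER).length * 4,
    sameInputSameDigest: digestHex(ORDER) === digestHex(ORDER),
    tamperChangesDigest: digestHex(ORDER) !== digestHex(tampered),
    genuineAccepted: verifyMessage(ORDER, signature, sender.publicKey),
    tamperedAccepted: verifyMessage(tampered, signature, sender.publicKey),
    impostorKeyAccepted: verifyMessage(ORDER, signature, impostor.publicKey),
  };
}

console.log(signatureDemo());
```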

Message Digest

[Diagram: a large Message passes through the Message Digest Function to give a small digest (e.g., 128 bits), shown as 101…1010]

Message Digest

[Diagram: messages A and B pass through the Message Digest Function to give Digest A and Digest B]

If A = B => Digest A = Digest B

Message Digest

[Diagram: an unknown input (?) and the Message Digest Function, with output Digest A]

Extremely hard to get A from Digest A!

© 2004 D. A. Menascé. All Rights Reserved.


Public Key Cryptography with Digital Signatures

Figure 4.9, Page 278

Digital Envelopes

• Address weaknesses of:
  ◦ Public key encryption
    ▪ Computationally slow, decreased transmission speed, increased processing time
  ◦ Symmetric key encryption
    ▪ Computationally faster, but less secure due to insecure transmission lines
• Uses more efficient symmetric key encryption to encrypt document
• Uses public key encryption to encrypt symmetric key and send the encrypted key (digital envelope) and encrypted document to the recipient
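
Added example (not part of the original slides): a digital envelope built with Node.js's built-in crypto module, where a one-time AES key encrypts the document and the recipient's RSA public key encrypts that AES key. AES-256-GCM, RSA-OAEP, the 2048-bit key size and the sample document are assumptions chosen for the sketch.

```javascript
// Added example: digital envelope (symmetric key wrapped with a public key).
const crypto = require("node:crypto");

// Constructed sample document (not from the slides).
const DOCUMENT = "Invoice A-17 (constructed sample): 3 units, total 149.85 USD";

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

function newKeyPair() {
  return crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
}

// Sender: fast symmetric encryption for the document, slow public key
// encryption only for the short symmetric key.
function sealEnvelope(document, recipientPublicKey) {
  const sessionKey = crypto.randomBytes(32); // one-time AES-256 key
  const iv = crypto.randomBytes(12);         // fresh nonce for this message
  const cipher = crypto.createCipheriv("aes-256-gcm", sessionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(document, "utf8"), cipher.final()]);
  const tag = cipher.getAuthTag();           // detects modified ciphertext
  const envelope = crypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, sessionKey);
  return { envelope, iv, tag, ciphertext };
}

// Recipient: private key opens the envelope, recovered key decrypts the document.
function openEnvelope(pkg, recipientPrivateKey) {
  const sessionKey = crypto.privateDecrypt({ key: recipientPrivateKey, ...OAEP }, pkg.envelope);
  const decipher = crypto.createDecipheriv("aes-256-gcm", sessionKey, pkg.iv);
  decipher.setAuthTag(pkg.tag);
  return Buffer.concat([decipher.update(pkg.ciphertext), decipher.final()]).toString("utf8");
}

// True when opening throws (wrong private key or modified ciphertext).
function openFails(pkg, privateKey) {
  try {
    openEnvelope(pkg, privateKey);
    return false;
  } catch (err) {
    return true;
  }
}

function envelopeDemo() {
  const recipient = newKeyPair();
  const outsider = newKeyPair();
  const pkg = sealEnvelope(DOCUMENT, recipient.publicKey);
  const modified = { ...pkg, ciphertext: Buffer.from(pkg.ciphertext) };
  modified.ciphertext[0] ^= 0x01; // flip one bit in transit
  return {
    envelopeBytes: pkg.envelope.length,     // size of the wrapped key
    ciphertextBytes: pkg.ciphertext.length, // same size as the document
    recovered: openEnvelope(pkg, recipient.privateKey),
    outsiderRejected: openFails(pkg, outsider.privateKey),
    modifiedRejected: openFails(modified, recipient.privateKey),
  };
}

console.log(envelopeDemo());
```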


Creating a Digital Envelope

Figure 4.10, Page 279

Digital Certificates and Public Key Infrastructure (PKI)

• Still missing a way to verify identity of Web sites
  ◦ By using digital document issued by a trusted third party called certificate authority (CA)
• Digital certificate includes:
  ◦ Name of subject/company
  ◦ Subject’s public key
  ◦ Digital certificate serial number
  ◦ Expiration date, issuance date
  ◦ Digital signature of CA
• Public Key Infrastructure (PKI):
  ◦ CAs and digital certificate procedures that are accepted by all parties
• Pretty Good Privacy (PGP) – a widely used e-mail public key encryption software [go to pgpi.org to download it]


Digital Certificates and Certification Authorities

Figure 4.11, Page 280

Limits to Encryption Solutions

• PKI mainly protects messages in transit
• Doesn’t protect storage of private key
• PKI not effective against insiders, employees
• Protection of private keys by individuals may be haphazard
• No guarantee that verifying computer of merchant is secure
• CAs are unregulated, self-selecting organizations

Securing Channels of Communication

• Secure Sockets Layer (SSL):
  ◦ Establishes a secure, negotiated client-server session in which URL of requested document, along with contents, is encrypted
  ◦ Designed to establish a secure connection between two computers
• Virtual Private Network (VPN):
  ◦ Allows remote users to securely access internal network via the Internet, using Point-to-Point Tunneling Protocol (PPTP)


Secure Negotiated Sessions Using SSL

Figure 4.12, Page 285

Protecting Networks

• Firewall
  ◦ Hardware or software that filters packets (prevents some packets from entering the network) by using security policy
  ◦ Two main methods:
    ▪ Packet filters – look inside data packets to decide whether they are destined for a prohibited port or originate from a prohibited IP address
    ▪ Application gateways – filter communications based on the application being requested, rather than the source or destination of the message
  ◦ Application gateways provide greater security than packet filters, but can compromise system performance
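
Added example (not part of the original slides): a packet filter that decides on destination port and source address only, next to an application gateway that inspects the HTTP request itself, run over the same traffic. The policy, addresses (documentation ranges), paths and traffic records are all constructed for illustration.

```javascript
// Added example: packet filter vs. application gateway on constructed traffic.
const POLICY = {
  prohibitedPorts: [23, 3389],           // packet filter: blocked destination ports
  prohibitedSources: ["203.0.113.0/24"], // packet filter: blocked source network
  allowedHttpMethods: ["GET", "POST"],   // application gateway rules
  prohibitedHttpPaths: ["/admin"],
};

// Dotted-quad IPv4 address to an unsigned 32-bit number.
function ipToInt(ip) {
  const parts = ip.split(".");
  if (parts.length !== 4 || !parts.every((p) => /^\d{1,3}$/.test(p) && Number(p) <= 255)) {
    throw new Error("bad IPv4 address: " + ip);
  }
  return parts.reduce((acc, p) => acc * 256 + Number(p), 0);
}

// True when ip lies inside the CIDR block (e.g. "203.0.113.0/24").
function inCidr(ip, cidr) {
  const [base, bitsText] = cidr.split("/");
  const blockSize = 2 ** (32 - Number(bitsText));
  return Math.floor(ipToInt(ip) / blockSize) === Math.floor(ipToInt(base) / blockSize);
}

// Packet filter: looks only at header fields, never at the payload.
function packetFilter(packet) {
  if (POLICY.prohibitedPorts.includes(packet.dstPort)) return "DROP: prohibited port";
  if (POLICY.prohibitedSources.some((c) => inCidr(packet.srcIp, c))) return "DROP: prohibited source";
  return "PASS";
}

// Application gateway: parses the request and decides on what is being asked for.
function applicationGateway(packet) {
  const m = /^([A-Z]+) (\S+) HTTP\/1\.[01]\r\n/.exec(packet.payload);
  if (!m) return "DENY: not a valid HTTP request";
  const [, method, path] = m;
  if (!POLICY.allowedHttpMethods.includes(method)) return "DENY: method " + method;
  const blocked = POLICY.prohibitedHttpPaths.some((p) => path === p || path.startsWith(p + "/"));
  return blocked ? "DENY: path " + path : "ALLOW";
}

// Constructed sample traffic arriving at the site's Web server.
const http = (line) => line + " HTTP/1.1\r\nHost: shop.example\r\n\r\n";
const TRAFFIC = [
  { name: "shopper", srcIp: "198.51.100.7", dstPort: 80, payload: http("GET /catalog") },
  { name: "telnet attempt", srcIp: "198.51.100.9", dstPort: 23, payload: "" },
  { name: "blocked network", srcIp: "203.0.113.44", dstPort: 80, payload: http("GET /") },
  { name: "admin request", srcIp: "198.51.100.7", dstPort: 80, payload: http("GET /admin/users") },
  { name: "non-HTTP on port 80", srcIp: "198.51.100.7", dstPort: 80, payload: "\x16\x03\x01\x02\x00" },
];

// The gateway only sees traffic the packet filter has already let through.
function evaluate(traffic) {
  return traffic.map((p) => {
    const filter = packetFilter(p);
    const gateway = filter === "PASS" ? applicationGateway(p) : "(not reached)";
    return { name: p.name, filter, gateway };
  });
}

console.table(evaluate(TRAFFIC));
```

The last two records pass the packet filter because their port and source address are acceptable; only the gateway, which reads the request, rejects them.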

Protecting Networks

• Proxy servers (proxies)
  ◦ Software servers that handle all communications originating from or being sent to the Internet
  ◦ Initially for limiting access of internal clients to external Internet servers
  ◦ Can be used to restrict access to certain types of sites, such as porno, auction, or stock-trading sites, or to cache frequently-accessed Web pages to reduce download times


Firewalls and Proxy Servers

Figure 4.13, Page 288

Protecting Servers and Clients

• Operating system security enhancements
  ◦ Upgrades, patches
• Anti-virus software:
  ◦ Easiest and least expensive way to prevent threats to system integrity
  ◦ Requires daily updates

Management Policies, Business Procedures, and Public Laws

• U.S. firms and organizations spend 14% of IT budget on security hardware, software, services ($35 billion in 2010)
• Managing risk includes
  ◦ Technology a foundation of security
  ◦ Effective management policies also required
  ◦ Public laws and active enforcement

A Security Plan: Management Policies

• Risk assessment: assessment of risks and points of vulnerability
• Develop security policy: set of statements prioritizing information risks, identifying acceptable risk targets, and identifying mechanisms for achieving targets
• Develop implementation plan
  ◦ Create security organization
    ▪ Administers access controls
    ▪ Authentication procedures, including biometrics
    ▪ Authorization policies, authorization management systems
• Perform security audit: review of security practices and procedures


Developing an E-commerce Security Plan

Figure 4.14, Page 290

The Role of Laws and Public Policy

• Laws that give authorities tools for identifying, tracing, prosecuting cybercriminals:
  ◦ National Information Infrastructure Protection Act of 1996
  ◦ USA Patriot Act
  ◦ Homeland Security Act
• Private and private-public cooperation
  ◦ CERT Coordination Center
  ◦ US-CERT
• Government policies and controls on encryption software
  ◦ OECD guidelines
