Embed Size (px)
Citation preview
Cornerstones of Internet Cornerstones of Internet securitysecurity
E-bussiness threatsE-bussiness threats
• Threats to e-commerce systems can be either malicious or accidental. The procedures and controls you put in place to protect your site should help minimise both.
Malicious threats could include:Malicious threats could include:
• hackers attempting to penetrate a system to read or alter sensitive data
• burglars stealing a server or laptop that has unprotected sensitive data on its disk
• imposters posing as legitimate users and even creating a website similar to yours
• authorised users downloading a web page or receiving an email with hidden active content that attacks your systems or sends sensitive information to unauthorised people
Cornerstones of Internet securityCornerstones of Internet security
• Authenticity : it maeans verifying the identity of the user. In tcp/ip the basic means of verifying is password, but password can be intercepted. IP address can also be spoofed.
• Privacy: are the contents of message secret ?breaches of privacy can occur both during and after the transactions .
ContdContd
• Integrity: have the content of the message modified during transmission?
• Nonrepudiation: Can the sender of the message deny that they actually sent the message
E-business security controlE-business security control
• Authentication• There are several techniques that can identify and verify someone
seeking to access an e-commerce system. These include:• A user name and password combination, where the password can
vary in length and include numbers and characters. Remember to include a system that prompts employees to change their passwords at regular intervals.
• "Two-factor" authentication requiring something the user has (eg an authentication token) and something the user knows (eg a personal identification number).
• A digital certificate that enables authentication through the use of an individual's unique signing key.
• A person's unique physical attribute, referred to as a biometric. This can range from a fingerprint or iris scan, through to retina or facial-feature recognition.
Acess Acess
• Access control• This restricts different classes of users to subsets of information and
ensures that they can only access data and services for which they have been authorised. These include using:
• network restrictions to prevent access to other computer systems and networks
• application controls to ensure individuals are limited in the data or service they can access
• restrictions on what can be copied from the system and stored on pen drives, memory sticks or CDs/DVDs
• limits on the sending and receiving of certain types of email attachments
• Changes to access privileges must be controlled to prevent users retaining them if they transfer between departments or leave the business.
EncryptionEncryption
• Encryption• This technique scrambles data, and is used to
protect information that is being either held on a computer or transmitted over a network. It uses technologies such as virtual private networks (VPNs) and secure socket layers.
• One way to ensure that confidentiality and privacy of message is to make sure that even if they fall into wrong hands cannot be read. this is where cryptography comes into play.
Basic parts of cryptographyBasic parts of cryptography
• Plain text: the original meesage in human readable form
• Ciphertext: the palin text message after it has been encrypted into unreadable form
• Encryption algorithm: the mathematical formula used to encrypt the plain text into ciphertext.
• Key: the secre key used to encrypt and decrypt a message .
Cipher TextCipher Text
• Text that has been encrypted and thus can not be read by any one besides the sender and the receiver.
• Key (Cipher): Any method for transforming plain text into cipher text.
• Substitution Cipher: Every occurrence of a given letter is replaced systematically by another letter. Say letter plus 2 Substitution will make HELLO as JGNNQ
Transposition CipherTransposition Cipher
• Ordering of letters in each word is changed in some systematic way. The word HELLO can be written as OLLEH or a more complicated cipher would be:– Break all words into two words– Spell the first word with every other letter
beginning with the first letter, then spell the second word with all the remaining letter, HLO EL
Basic infrastructure used in Basic infrastructure used in cryptographycryptography
• Public key / asymmetric cryptography
• Private key/ symmetric cryptography.
A big random number is used to make a public-key/private-key pair.
Private keyPrivate key
• secret key cryptography, also known as symmetric cryptography uses a single secret key for both encryption and decryption. To use symmetric cryptography for communication, both the sender & receiver would have to know the key beforehand, or it would have to be sent along with the message.
Private keyPrivate key
• Encryption involves applying an operation (an algorithm) to the data to be encrypted using the private key to make them unintelligible. The slightest algorithm (such as an exclusive OR) can make the system nearly tamper proof (there being so such thing as absolute security).
Disadvantages of private keyDisadvantages of private key
• symmetric encryption requires that a secure channel be used to exchange the key, which seriously diminishes the usefulness of this kind of encryption system.
• Symmetric encryption is based on the exchange of a secret (keys). The problem of key distribution therefore arises
• Moreover, a user wanting to communicate with several people while ensuring separate confidentiality levels has to use as many private keys as there are people. For a group of N people using a secret-key cryptosystem, it is necessary to distribute a number of keys equal to N * (N-1) / 2.
Public Key EncryptionPublic Key Encryption
• Each user gets a pair of keys– 1 private; 1 public
• Public key is shared with the world and used for encryption
• Private key is kept private and used for decryption
• There is no way to determine the private key from knowledge of the public key
• There is no need to exchange keys secretly
Public key encryptionPublic key encryption
• Public-key encryption (also called asymmetric encryption) involves a pair of keys--a public key and a private key--associated with an entity that needs to authenticate its identity electronically or to sign or encrypt data. Each public key is published, and the corresponding private key is kept secret. Data encrypted with your public key can be decrypted only with your private key.
Anyone can encrypt using the public key, but only the holder of the private key can decrypt. Security depends on the secrecy of the private key.
Public keyPublic key
Data encrypted with your private key can be decrypted only with your public key. This would not be a desirable way to encrypt sensitive data, however, because it means that anyone with your public key, which is by definition published, could decrypt the data.
Using a private key to encrypt (thus signing) a message; anyone can check the signature using the public key. Validity depends on private key security.
PK Encryption using Digital PK Encryption using Digital Signatures and Hash DigestsSignatures and Hash Digests
• There is no authentication of sender. The sender could deny sending the message that is repudiation.
• There is no assurance that messaged was not altered somehow in transit.
• A hash function is used first to create a hash digest( an algorithm that is used to produce a fixed length number called Hash or message digest
AuthenticationAuthentication
• How does Alice know that message came from Bob?
• Everyone knows Alice’s public key
• Solution:– Bob signs the message
Authentication: Signing a MessageAuthentication: Signing a Message
• Bob hashes the message
• He encrypts the hash, date, and time with his private key and appends it to message (signature)
• Then entire message is encrypted with alice’s public key
Hash FunctionHash Function
• It can be a simple function to count of 1’s in the message.
• It can be complex to produce a 128 bit number that reflects the number of 1’s and 0’s in the message
• Result of applying the Hash function are sent by the sender to the recipient
• Recipient applies the same hash function to verify the same results are produced.
What is a Digital Signature?What is a Digital Signature?
How Does Alice Know Message is How Does Alice Know Message is From Bob?From Bob?
• Alice decrypts the message and reads the signature
• Tries to decrypt the signature with bob’s public key– OK: Must be bob -- only he has the
corresponding private key– Not OK: Sent by someone else
Non-RepudiationNon-Repudiation
• Alice cannot repudiate message
• Signature is hers
• Signature hash matches document
• Nobody else could have sent it and Bob could not have made it up
IntegrityIntegrity
• Nobody can intercept the message, modify it, and resend
• If so, hash would be incorrect
Potential Problems with Public Potential Problems with Public Key CryptographyKey Cryptography
• Too hard to keep track of all partners’ public keys
• What if partner wants to change public key (perhaps private key was compromised)?
• Cannot trust sender to send you their public key, because they could be imposter
• Solution is Public Key Infrastructure
