2
Security Issues
From the user's perspective:
Is the Web server owned and operated by a legitimate company?
Does the Web page and form contain some malicious or dangerous code or content?
Will the Web server distribute unauthorized information the user provides to some other party?
3
Security Issues (cont.)
From the company's perspective:
Will the user not attempt to break into the Web server or alter the pages and content at the site?
Will the user try to disrupt the server so that it isn't available to others?
4
Security Issues (cont.)
From both parties' perspectives:
Is the network connection free from eavesdropping by a third party "listening" on the line?
Has the information sent back and forth between the server and the user's browser been altered?
5
Security Requirements
Authentication: The process by which one entity verifies that another entity is who they claim to be
Authorization: The process that ensures that a person has the right to access certain resources
6
Security Requirements (cont.)
Auditing: The process of collecting information about attempts to access particular resources, use particular privileges, or perform other security actions
7
Security Requirements (cont.)
Confidentiality: Keeping private or sensitive information from being disclosed to unauthorized individuals, entities, or processes
8
Security Requirements (cont.)
Integrity: As applied to data, the ability to protect data from being altered or destroyed in an unauthorized or accidental manner
9
Security Issues (cont.)
Nonrepudiation: The ability to limit parties from refuting that a legitimate transaction took place, usually by means of a signature
10
Types of Threats and Attacks
Nontechnical attack: An attack that uses chicanery to trick people into revealing sensitive information or performing actions that compromise the security of a network
12
Types of Threats and Attacks (cont.)
Social engineering: A type of nontechnical attack that uses social pressures to trick computer users into compromising computer networks to which those individuals have access
13
Types of Threats and Attacks (cont.)
Multiprong approach used to combat social engineering:
1. Education and training
2. Policies and procedures
3. Penetration testing
14
Types of Threats and Attacks (cont.)
Technical attack: An attack perpetrated using software and systems knowledge or expertise
15
Types of Threats and Attacks (cont.)
Common (security) vulnerabilities and exposures (CVEs): Publicly known computer security risks, which are collected, listed, and shared by a board of security-related organizations (cve.mitre.org)
16
Types of Threats and Attacks (cont.)
Denial-of-service (DoS) attack: An attack on a Web site in which an attacker uses specialized software to send a flood of data packets to the target computer with the aim of overloading its resources
17
Types of Threats and Attacks (cont.)
Distributed denial-of-service (DDoS) attack: A denial-of-service attack in which the attacker gains illegal administrative access to as many computers on the Internet as possible and uses these multiple computers to send a flood of data packets to the target computer
19
Types of Threats and Attacks (cont.)
Malware: A generic term for malicious software
The severity of the viruses increased substantially, requiring much more time and money to recover
85% of survey respondents said that their organizations had been the victims of e-mail viruses in 2002
20
Types of Threats and Attacks (cont.)
Malicious code takes a variety of forms—both pure and hybrid
Virus: A piece of software code that inserts itself into a host, including the operating systems, to propagate; it requires that its host program be run to activate it
21
Types of Threats and Attacks (cont.)
Worm: A software program that runs independently, consuming the resources of its host in order to maintain itself and is capable of propagating a complete working version of itself onto another machine
22
Types of Threats and Attacks (cont.)
Macro virus or macro worm: A virus or worm that is executed when the application object that contains the macro is opened or a particular procedure is executed
23
Types of Threats and Attacks (cont.)
Trojan horse: A program that appears to have a useful function but that contains a hidden function that presents a security risk
24
Managing EC Security
Common mistakes organizations make in managing their security risks (McConnell 2002):
Undervalued information
Narrowly defined security boundaries
Reactive security management
Dated security management processes
Lack of communication about security responsibilities
25
Managing EC Security (cont.)
Security risk management: A systematic process for determining the likelihood of various security attacks and for identifying the actions needed to prevent or mitigate those attacks
26
Managing EC Security (cont.)
Phases of security risk management
Assessment
Planning
Implementation
Monitoring
27
Managing EC Security (cont.)
Phase 1: Assessment
Evaluate security risks by determining assets, vulnerabilities of their system, and potential threats to these vulnerabilities
28
Honeynet: A way to evaluate vulnerabilities of an organization by studying the types of attacks to which a site is subjected, using a network of systems called honeypots
Honeypots: Production systems (e.g., firewalls, routers, Web servers, database servers) designed to do real work but to be watched and studied as network intrusions occur
29
Managing EC Security (cont.)
Phase 2: Planning
Goal of this phase is to arrive at a set of policies defining which threats are tolerable and which are not
Policies also specify the general measures to be taken against those threats that are intolerable or high priority
30
Managing EC Security (cont.)
Phase 3: Implementation
Particular technologies are chosen to counter high-priority threats
First step is to select generic types of technology for each of the high-priority threats
31
Managing EC Security (cont.)
Phase 4: Monitoring to determine
Which measures are successful
Which measures are unsuccessful and need modification
Whether there are any new types of threats
Whether there have been advances or changes in technology
Whether there are any new business assets that need to be secured
32
Managing EC Security (cont.)
Methods of securing EC
Authentication system
Access control mechanism
Passive tokens
Active tokens
33
Authentication
Authentication system: System that identifies the legitimate parties to a transaction, determines the actions they are allowed to perform, and limits their actions to only those that are necessary to initiate and complete the transaction
34
Authentication (cont.)
Access control mechanism: Mechanism that limits the actions that can be performed by an authenticated person or group
35
Authentication (cont.)
Passive tokens: Storage devices (e.g., magnetic strips) used in a two-factor authentication system that contain a secret code
36
Authentication (cont.)
Active tokens: Small, stand-alone electronic devices in a two-factor authentication system that generate one-time passwords
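The following is an added example, not part of the slide deck, showing how an active token and its server can agree on one-time passwords without the password ever crossing the network in advance. It implements the HMAC-based one-time password algorithm of RFC 4226: the token and the server share a secret and a counter, each press of the token produces a six-digit code from the next counter value, and the server accepts a code only once. The shared secret below is the RFC 4226 test-vector key and the `TokenServer` class, its `window` parameter and the `demo` function are this example's own constructions.

```python
import hashlib
import hmac

# Constructed demo secret: the RFC 4226 test-vector key (ASCII "12345678901234567890").
DEMO_SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Compute an HMAC-based one-time password (RFC 4226).

    The token and the server share `secret`; the token increments `counter`
    every time a code is generated, so a given code is valid at most once."""
    msg = counter.to_bytes(8, "big")
    mac = hmac.new(secret, msg, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F          # dynamic truncation: low nibble picks the offset
    code = (
        (mac[offset] & 0x7F) << 24
        | mac[offset + 1] << 16
        | mac[offset + 2] << 8
        | mac[offset + 3]
    )
    return str(code % (10 ** digits)).zfill(digits)


class TokenServer:
    """Server-side verifier (hypothetical helper for this example).

    Stores the shared secret and the next counter it expects. `window` bounds
    how far ahead of that counter a submitted code may be, so a token pressed a
    few times without logging in still works, while a replayed code is rejected."""

    def __init__(self, secret: bytes, window: int = 5):
        self.secret = secret
        self.counter = 0          # next counter value we expect
        self.window = window

    def verify(self, submitted: str) -> bool:
        for c in range(self.counter, self.counter + self.window):
            # constant-time comparison so timing does not reveal matching digits
            if hmac.compare_digest(hotp(self.secret, c), submitted):
                self.counter = c + 1  # resynchronise and burn this code
                return True
        return False


def demo() -> dict:
    """Walk through a login, a replay, a skipped counter and a stale code."""
    server = TokenServer(DEMO_SECRET)
    first = hotp(DEMO_SECRET, 0)
    third = hotp(DEMO_SECRET, 2)
    return {
        "first": first,
        "accept_first": server.verify(first),
        "replay_first": server.verify(first),              # same code again: rejected
        "accept_third": server.verify(third),              # counter 1 skipped, still in window
        "reject_old": server.verify(hotp(DEMO_SECRET, 1)),  # behind the counter: rejected
    }


if __name__ == "__main__":
    print(demo())
```

The server never stores the codes themselves, only the secret and the counter, which is why a code captured in transit is useless after the legitimate login that consumed it.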
37
Biometric Controls
Biometric systems: Authentication systems that identify a person by measurement of a biological characteristic such as a fingerprint, iris (eye) pattern, facial features, or voice
38
Biometric Controls (cont.)
Physiological biometrics: Measurements derived directly from different parts of the body (e.g., fingerprints, iris, hand, facial characteristics)
Behavioral biometrics: Measurements derived from various actions and indirectly from various body parts (e.g., voice scans or keystroke monitoring)
39
Biometric Controls (cont.)
Fingerprint scanning: Measurement of the discontinuities of a person's fingerprint, converted to a set of numbers that are stored as a template and used to authenticate identity
Iris scanning: Measurement of the unique spots in the iris (colored part of the eye), converted to a set of numbers that are stored as a template and used to authenticate identity
40
Biometric Controls (cont.)
Voice scanning: Measurement of the acoustical patterns in speech production, converted to a set of numbers that are stored as a template and used to authenticate identity
41
Biometric Controls (cont.)
Keystroke monitoring: Measurement of the pressure, speed, and rhythm with which a word is typed, converted to a set of numbers that are stored as a template and used to authenticate identity; this biometric is still under development
42
Encryption Methods
Public key infrastructure (PKI): A scheme for securing e-payments using public key encryption and various technical components
43
Encryption Methods (cont.)
Private and public key encryption
Encryption: The process of scrambling (encrypting) a message in such a way that it is difficult, expensive, or time-consuming for an unauthorized person to unscramble (decrypt) it
44
Encryption Methods (cont.)
Plaintext: An unencrypted message in human-readable form
Ciphertext: A plaintext message after it has been encrypted into a machine-readable form
Encryption algorithm: The mathematical formula used to encrypt the plaintext into the ciphertext, and vice versa
45
Encryption Methods (cont.)
Symmetric (private) key system
Key: The secret code used to encrypt and decrypt a message
Symmetric (private) key system: An encryption system that uses the same key to encrypt and decrypt the message
46
Encryption Methods (cont.)
Data Encryption Standard (DES): The standard symmetric encryption algorithm supported by NIST and used by U.S. government agencies until October 2, 2000
Rijndael: The new Advanced Encryption Standard used to secure U.S. government communications since October 2, 2000
48
Elements of PKI
Digital signature: An identifying code that can be used to authenticate the identity of the sender of a document
Portable
Cannot be easily repudiated or imitated, and can be time-stamped
50
Elements of PKI (cont.)
Digital signatures include:
Hash: A mathematical computation that is applied to a message, using a private key, to encrypt the message
Message digest: A summary of a message, converted into a string of digits, after the hash has been applied
Digital envelope: The combination of the encrypted original message and the digital signature, using the recipient's public key
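As an added example (not from the slide deck), the block below walks through the hash, message digest and signature steps of slides 48 and 50 in the usual hash-then-sign construction: the digest is computed with an unkeyed hash function (SHA-256), the sender signs the digest with the private key, and any holder of the public key can check that the digest they compute matches the one the signature reveals. The key is a constructed toy RSA key built from two Mersenne primes with no padding scheme, chosen so the arithmetic is visible; the prime constants, `make_keypair`, `message_digest`, `sign` and `verify` are this example's own names and are not a real library's API.

```python
import hashlib
from math import gcd

# Constructed toy key material: two Mersenne primes. Far too small for real use,
# but large enough that two different messages will not share a reduced digest.
P = (1 << 31) - 1
Q = (1 << 61) - 1
E = 65537


def make_keypair(p: int = P, q: int = Q, e: int = E):
    """Return ((n, e), (n, d)): the public key and the private key."""
    n = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1          # e must be invertible mod phi
    d = pow(e, -1, phi)              # private exponent (Python >= 3.8)
    return (n, e), (n, d)


def message_digest(message: bytes, n: int) -> int:
    """Message digest: SHA-256 of the message, reduced mod n so the toy key can sign it.

    A real signature scheme pads the full digest instead of reducing it; this
    reduction is only here to keep the example's key small."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private_key) -> int:
    """Digital signature: the digest raised to the private exponent."""
    n, d = private_key
    return pow(message_digest(message, n), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Recover the digest with the public key and compare it to a fresh digest.

    Any change to the message (or to the signature) makes the comparison fail,
    which is what gives integrity and non-repudiation."""
    n, e = public_key
    return pow(signature, e, n) == message_digest(message, n)


def demo() -> dict:
    """Sign a constructed order, then show that a tampered copy is rejected."""
    public_key, private_key = make_keypair()
    order = b"order 1042: 3 units to 10 Main St"          # constructed sample message
    tampered = b"order 1042: 30 units to 10 Main St"      # one digit changed in transit
    signature = sign(order, private_key)
    return {
        "genuine": verify(order, signature, public_key),
        "tampered": verify(tampered, signature, public_key),
        "forged_signature": verify(order, signature + 1, public_key),
    }


if __name__ == "__main__":
    print(demo())
```

Note that the signature alone does not tell the recipient who owns the public key; that binding is what the digital certificate on the next slide supplies.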
51
Elements of PKI (cont.)
Digital certificate: Verification that the holder of a public or private key is who they claim to be
Certificate authorities (CAs): Third parties that issue digital certificates
52
Security Protocols
Secure Socket Layer (SSL): Protocol that utilizes standard certificates for authentication and data encryption to ensure privacy or confidentiality
Transport Layer Security (TLS): As of 1996, another name for the SSL protocol
53
Security Protocols (cont.)
Secure Electronic Transaction (SET): A protocol designed to provide secure online credit card transactions for both consumers and merchants; developed jointly by Netscape, Visa, MasterCard, and others
54
Securing EC Networks
Technologies for organizational networks
Firewall: A network node consisting of both hardware and software that isolates a private network from a public network
Packet-filtering routers: Firewalls that filter data and requests moving from the public Internet to a private network based on the network addresses of the computer sending or receiving the request
55
Securing EC Networks (cont.)
Packet filters: Rules that can accept or reject incoming packets based on source and destination addresses and the other identifying information
Application-level proxy: A firewall that permits requests for Web pages to move from the public Internet to the private network
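The following is an added example, not part of the slide deck, of the packet-filter rules described on slides 54 and 55: each rule names a source range, a destination range, a protocol and a port, the first rule that matches an incoming packet decides accept or reject, and a packet that matches nothing is rejected. The private network, the Web server address and the rule set are constructed for the example; `Packet`, `Rule` and `filter_packet` are this example's own names rather than any router's configuration syntax.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    """The header fields a packet filter looks at (constructed, simplified)."""
    src: str
    dst: str
    proto: str   # "tcp", "udp" or "icmp"
    dport: int   # destination port; 0 for protocols without ports


@dataclass(frozen=True)
class Rule:
    """One filter rule; a field left at its default matches anything."""
    action: str                   # "accept" or "reject"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        return (
            ip_address(pkt.src) in ip_network(self.src)
            and ip_address(pkt.dst) in ip_network(self.dst)
            and (self.proto is None or self.proto == pkt.proto)
            and (self.dport is None or self.dport == pkt.dport)
        )


# Constructed rule set for a private network 10.0.0.0/8 whose public Web server
# is 10.0.1.10. Rules are evaluated top to bottom; the first match wins.
RULES = [
    # Ingress anti-spoofing: a packet arriving from the Internet must not
    # claim an internal source address.
    Rule("reject", src="10.0.0.0/8"),
    # Only Web traffic to the Web server is allowed in from outside.
    Rule("accept", dst="10.0.1.10/32", proto="tcp", dport=80),
    Rule("accept", dst="10.0.1.10/32", proto="tcp", dport=443),
    # Default deny: everything else is rejected.
    Rule("reject"),
]


def filter_packet(pkt: Packet, rules=RULES) -> str:
    """Return the action of the first matching rule; reject if none matches."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "reject"   # default deny even when the rule list has no catch-all


if __name__ == "__main__":
    for pkt in (
        Packet("198.51.100.7", "10.0.1.10", "tcp", 443),   # customer browsing the shop
        Packet("198.51.100.7", "10.0.1.10", "tcp", 22),    # remote login attempt: rejected
        Packet("10.0.0.5", "10.0.1.10", "tcp", 80),        # internal source from outside: rejected
        Packet("198.51.100.7", "10.0.2.20", "tcp", 80),    # an internal host that is not the Web server
    ):
        print(pkt, "->", filter_packet(pkt))
```

Because these rules see only addresses, protocols and ports, they cannot tell a well-formed Web request from a malicious one; that is the gap the application-level proxy on this slide is meant to close.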
56
Securing EC Networks (cont.)
Bastion gateway: A special hardware server that utilizes application-level proxy software to limit the types of requests that can be passed to an organization's internal networks from the public Internet
Proxies: Special software programs that run on the gateway server and pass repackaged packets from one network to the other
58
Securing EC Networks (cont.)
Personal firewalls:
Personal firewall: A network node designed to protect an individual user's desktop system from the public network by monitoring all the traffic that passes through the computer's network interface card
59
Securing EC Networks (cont.)
VPNs
Virtual private network (VPN): A network that uses the public Internet to carry information but remains private by using encryption to scramble the communications, authentication to ensure that information has not been tampered with, and access control to verify the identity of anyone using the network
60
Securing EC Networks (cont.)
Protocol tunneling: Method used to ensure confidentiality and integrity of data transmitted over the Internet, by encrypting data packets, sending them in packets across the Internet, and decrypting them at the destination address
61
Securing EC Networks (cont.)
Intrusion detection systems (IDSs): A special category of software that can monitor activity across a network or on a host computer, watch for suspicious activity, and take automated action based on what it sees
62
Securing EC Networks (cont.)
Network-based IDS uses rules to analyze suspicious activity at the perimeter of a network or at key locations in the network
Consists of a monitor (a software package that scans the network) and software agents that reside on various host computers and feed information back to the monitor
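As an added example (not from the slide deck), the block below is a minimal network-based IDS rule of the kind slides 61 and 62 describe, applied to the flood traffic defined on slide 16: it watches connection-request (SYN) packets at the perimeter, keeps a sliding window of requests per source address, raises an alert when one source exceeds a threshold, and takes the automated action of adding that source to a block list. The packet log, its line format, the threshold and window values, and the `SynFloodMonitor` class are all constructed for this example.

```python
from collections import defaultdict, deque
from datetime import datetime

# Constructed perimeter packet log: "<ISO timestamp> <src> -> <dst>:<port> <flags>".
# 203.0.113.5 opens six connections in four seconds; 198.51.100.7 is a normal client.
SAMPLE_LOG = """\
2002-06-01T10:00:00 198.51.100.7 -> 10.0.1.10:80 SYN
2002-06-01T10:00:00 203.0.113.5 -> 10.0.1.10:80 SYN
2002-06-01T10:00:01 203.0.113.5 -> 10.0.1.10:80 SYN
2002-06-01T10:00:01 203.0.113.5 -> 10.0.1.10:80 SYN
2002-06-01T10:00:02 198.51.100.7 -> 10.0.1.10:443 SYN
2002-06-01T10:00:02 203.0.113.5 -> 10.0.1.10:80 SYN
2002-06-01T10:00:03 203.0.113.5 -> 10.0.1.10:80 SYN
2002-06-01T10:00:03 203.0.113.5 -> 10.0.1.10:80 SYN
2002-06-01T10:00:30 203.0.113.5 -> 10.0.1.10:80 SYN
"""


def parse(line: str):
    """Split one log line into (timestamp, src, dst, port, flags)."""
    ts, src, _arrow, dst_port, flags = line.split()
    dst, port = dst_port.split(":")
    return datetime.fromisoformat(ts), src, dst, int(port), flags


class SynFloodMonitor:
    """Rule: more than `threshold` SYNs from one source within `window_seconds`.

    Hypothetical monitor for this example; it keeps a per-source deque of recent
    SYN timestamps so memory stays bounded by the window, not by the log size."""

    def __init__(self, threshold: int = 5, window_seconds: int = 10):
        self.threshold = threshold
        self.window = window_seconds
        self.history = defaultdict(deque)   # src -> timestamps of recent SYNs
        self.blocked = set()                # automated action: sources to drop
        self.alerts = []                    # (src, time of alert)

    def observe(self, line: str):
        """Feed one log line; return an alert tuple if the rule fires, else None."""
        ts, src, _dst, _port, flags = parse(line)
        if flags != "SYN" or src in self.blocked:
            return None
        recent = self.history[src]
        recent.append(ts)
        while recent and (ts - recent[0]).total_seconds() > self.window:
            recent.popleft()                # drop entries that fell out of the window
        if len(recent) > self.threshold:
            self.blocked.add(src)
            alert = (src, ts.isoformat())
            self.alerts.append(alert)
            return alert
        return None


def run(log: str = SAMPLE_LOG):
    """Replay a log through the monitor; return (alerts, sorted block list)."""
    monitor = SynFloodMonitor()
    for line in log.splitlines():
        if line.strip():
            monitor.observe(line)
    return monitor.alerts, sorted(monitor.blocked)


if __name__ == "__main__":
    alerts, blocked = run()
    for src, when in alerts:
        print(f"ALERT {when}: SYN flood from {src}; source added to block list")
    print("blocked:", blocked)
```

A real deployment would tune the threshold to the site's normal traffic and report alerts to the monitor described on this slide rather than printing them, but the sliding-window rule is the same.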
63
Managerial Issues
1. Have we budgeted enough for security?
2. What are the business consequences of poor security?
3. Which e-commerce sites are vulnerable to attack?
64
Managerial Issues (cont.)
4. What is the key to establishing strong e-commerce security?
5. What steps should businesses follow in establishing a security plan?
6. Should organizations be concerned with internal security threats?