SECURITY MECHANISM & E-COMMERCE

Slides:

Advertisements

Similar presentations

Network Security Chapter 1 - Introduction.

Advertisements

© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Building Confidence in E-government Services ITU-T Workshop on.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

Chapter 1 – Introduction

Security+ Guide to Network Security Fundamentals

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

Applied Cryptography for Network Security

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Introduction (Pendahuluan)  Information Security.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Topics in Information Security Prof. JoAnne Holliday Santa Clara University.

An Introduction to Information Assurance COEN 150 Spring 2007.

Information Assurance and Security: Overview. Information Assurance “Measures that protect and defend information and information systems by ensuring.

1 Cryptography and Network Security Fourth Edition by William Stallings Lecture slides by Lawrie Brown Changed by: Somesh Jha [Lecture 1]

Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus

HIPAA COMPLIANCE WITH DELL

Cryptography and Network Security

Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Introduction to Computer Security1 Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st semester University of.

Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.

Mobile Banking By: Chenyu Gong, Jalal Hafidi, Harika Malineni.

Chapter VII Security Management for an E-Enterprise -Ramyah Rammohan.

Chapter 1 Overview. The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on.

NETWORK SECURITY. TextBook William Stallings, Cryptography and Network Security: Principles and Practice, ? Edition.

Customer Interface for wuw.com 1.Context. Customer Interface for wuw.com 2. Content Our web-site can be classified as an service-dominant website. 3.

1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester

. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.

SECURITY Professor Mona Mursi. ENVIRONMENT IT infrastructures are made up of many components, abstractly: IT infrastructures are made up of many components,

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.

Energize Your Workflow! ©2006 Merge eMed. All Rights Reserved User Group Meeting “Energize Your Workflow” May 7-9, Security.

Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.

1 Network Security: Introduction Behzad Akbari Fall 2009 In the Name of the Most High.

By Marwan Al-Namari & Hafezah Ben Othman Author: William Stallings College of Computer Science at Al-Qunfudah Umm Al-Qura University, KSA, Makkah 1.

Electronic Commerce Semester 1 Term 1 Lecture 14.

1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.

Advanced System Security Dr. Wayne Summers Department of Computer Science Columbus State University

LESSON 12 Business Internet. Electronic business, or e-business, is the application of information and communication technologies (ICT) in support of.

Lecture 1 Introduction Dr. nermin hamza 1. Aim of Course Overview Cryptography Symmetric and Asymmetric Key management Researches topics 2.

Cryptography and Network Security

CS457 Introduction to Information Security Systems

Information Security, Theory and Practice.

Issues and Protections

إدارة الأعمال الإلكترونية عمادة التعلم الإلكتروني والتعليم عن بعد

Design for Security Pepper.

Information System and Network Security

PAYMENT GATEWAY Presented by SHUJA ASHRAF SHAH ENROLL: 4471

Information Security.

Introduction Of Information Security

BY GAWARE S.R. DEPT.OF COMP.SCI

Information and Network Security

CONFIDENTIALITY, INTEGRITY, LEGAL INTERCEPTION

Cryptography and Network Security Chapter 1

INFORMATION SYSTEMS SECURITY and CONTROL

Cryptography and Network Security

ELECTRONIC PAYMENT SYSTEM.

Information Security: Terminology

Computer Science and Engineering

ITU-T Workshop on Security, Seoul (Korea), May 2002

Mohammad Alauthman Computer Security Mohammad Alauthman

Cryptography and Network Security

Presentation transcript:

SECURITY MECHANISM & E-COMMERCE Mr. In-Seop Lee KT/ITU-SG 2

Importance of Network Security Background Explosive growth of computers and network - To protect data and resources - To guarantee the authenticity of data - To protect systems Reliability Complexity of the Transition Unproven Services Increased Telecom Costs Increased Operating Costs Quality of Management Tools Security Lack of Standards Lack of Applications to Exploit Other 75% 73% 64% 69% 62% 61% 60% 48% 1% Source: Information Week. Concerns of IT executives ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 Security aspects Security Attacks : An action that compromise the information Security Mechanism : Design to protect,prevent,recover from attacks Security Service : Enhance the security of data,systems, transfer Relationship between security objectives Treats Security Requirements services mechanisms algorithms objectives ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

INFORMATION FLOW MODEL Source Destination NORMAL FLOW A B ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 SECURITY THREATS INTERRUPTION A B INTERCEPTION B A X AVAILABILITY CONFIDENTIALITY MODIFICATION A B X FABRICATION A B X INTEGRITY AUTHENTICITY ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

SECURITY REQUIREMENTS CONFIDENTIALITY AUTHENTICATION INTEGRITY AVAILABILITY Communications & IT NON-REPUDIATION ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 SECURITY SERVICES Confidentiality Protection of transmitted data Authentication Assuring that communication is authentic Integrity Assuring that message has originality Non-repudiation Preventing denying message Access Control Limit & control the access Availability Automated or physical countermeasures ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 MODEL FOR NETWORK SECURITY ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

SIX LAYERS OF NETWORK SECURITY SECURITY AUDITING SECURITY TOOLS SOFTWARE MONITORING PHYSICAL SECURITY NETWORK ADMINISTRATOR ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

Secure E-Commerce EXAMPLE Security & Trust Increase Enlarge Internet intrinsic not possess an unique control world wide changing traditional “paper-based” transactions not offering an adequate protection,mechanisms * Need to countermeasures ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

SECURE E-COMMERCE: Security & Trust For Buyer & Merchant Trust Business & Legal Relationships Security IT Applications & Systems Correct Biz Legal trustworthy Technical Protections ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

STRUCTURING SOLUTIONS Trust Third party Interactions Security Fraud Controls IT Infrastructure International Legislation Insurance Technology & Management Policy ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 TECHNICAL SOLUTIONS Mechanisms - Verify the Actors’ Identity - Authorize Access to Resources - Protect Privacy - Keep Confident Sensitive Data Techniques - Firewall, SSL,VPN, IDS, - Authentication, Secure Applications (Web, DBMS, etc.), IPDR and Click Stream Analysis ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

OPEN PROBLEMS of E-COMMERCE (credibility,efficiency,solvency) Good’s Quality & Quantity After-sales assistance Privacy Safeguard Buyer’s Solvency Risk Related to the Purchase Business Risk Involved ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 TRUST SOLUTIONS International Legislation Customer Profile check Payment Methods assessment For Merchants to preserve the merchant public reputation and credibility to guarantee the payments to reduce the merchants’ economical losses due to fraudulent orders. Third Party Interactions Insurance ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 TRUST SOLUTIONS International Legislation Product Quality Product Delivery For Buyers - verification of process control - process based on information Third Party Interactions Insurance ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 RISK MANAGEMENT Secure E-commerce Security factors Trust factor Risk Management strategy Managing risks - Scan environments & identify risks Analyze risks & prioritized Define the solution ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018

ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 Conclusions Security Solutions Business loss Threats Investment costs Trust Solutions Thank you very much !!! ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002 19.11.2018