Security Threats to Electronic Commerce.

Security Threats to Electronic Commerce

Objectives
- Important computer and electronic commerce security terms
- Why secrecy, integrity, and necessity are three parts of any security program
- The roles of copyright and intellectual property and their importance in any study of electronic commerce

Objectives
- Threats and countermeasures to eliminate or reduce threats
- Specific threats to client machines, Web servers, and commerce servers
- The roles encryption and certificates play

Security Overview
- Many fears to overcome
  - Intercepted e-mail messages
  - Unauthorized access to digital intelligence
  - Credit card information falling into the wrong hands
- Two types of computer security
  - Physical: protection of tangible objects
  - Logical: protection of non-physical objects

Security Overview
- Countermeasures: physical or logical procedures that recognize, reduce, or eliminate a threat

Computer Security Classification
- Secrecy/Confidentiality: protecting against unauthorized data disclosure and ensuring the authenticity of the data's source
- Privacy: the ability to control how information about oneself is used
- Integrity: preventing data modification by an unauthorized party
- Necessity: preventing data delays or denials (removal)

Computer Security Classification
- Nonrepudiation: ensuring that e-commerce participants do not deny (i.e., repudiate) their online actions
- Authenticity: the ability to verify the identity of a person or entity with whom you are dealing on the Internet

Copyright and Intellectual Property
- Protecting expression
  - Literary and musical works
  - Pantomimes and choreographic works
  - Pictorial, graphic, and sculptural works
  - Motion pictures and other audiovisual works
  - Sound recordings
  - Architectural works

Copyright and Intellectual Property
- Intellectual property: the ownership of ideas and control over the tangible or virtual representation of those ideas
- U.S. Copyright Act of 1976: protects the previously stated items for a fixed period of time
- Copyright Clearance Center: clearinghouse for U.S. copyright information

Intellectual Property Threats
- The Internet presents a tempting target for intellectual property threats
- It is very easy to reproduce an exact copy of anything found on the Internet
- People are often unaware of copyright restrictions and unwittingly infringe on them
- Fair use allows limited use of copyrighted material when certain conditions are met

MANAGEMENT CHALLENGES
- Designing systems that are neither over-controlled nor under-controlled
- Applying quality assurance standards in large systems projects

Why Systems Are Vulnerable
- Advances in telecommunications and computer software
- Unauthorized access, abuse, or fraud
- Hackers
- Denial of service attacks
- Computer viruses

Telecommunication Network Vulnerabilities (Figure 14-1)

Concerns for System Builders and Users
- Disaster: destroys computer hardware, programs, data files, and other equipment
- Security: prevents unauthorized access, alteration, theft, or physical damage

Concerns for System Builders and Users
- Errors: cause computers to disrupt or destroy the organization's record-keeping and operations

System Quality Problems: Software and Data
- Bugs: program code defects or errors
- Maintenance nightmare: maintenance costs are high due to organizational change, software complexity, and faulty systems analysis and design

Points in the Processing Cycle Where Errors Can Occur (Figure 14-2)

Data Quality Problems
- Caused by errors during data input or by faulty information system and database design

The Cost of Errors over the Systems Development Cycle (Figure 14-3)

Overview: Controls
- Methods, policies, and procedures that
  - ensure protection of the organization's assets
  - ensure accuracy and reliability of records, and operational adherence to management standards

General Controls and Application Controls
- General controls: establish the framework for controlling the design, security, and use of computer programs
  - Include software, hardware, computer operations, data security, implementation, and administrative controls

Security Profiles for a Personnel System (Figure 14-4)

General Controls and Application Controls
- Application controls: unique to each computerized application
  - Include input, processing, and output controls

Protecting the Digital Firm
- On-line transaction processing: transactions entered online are immediately processed by the computer
- Fault-tolerant computer systems: contain extra hardware, software, and power supply components

Protecting the Digital Firm
- High-availability computing: tools and technologies enabling a system to recover from a crash
- Disaster recovery plan: runs the business in the event of a computer outage
- Load balancing: distributes a large number of access requests among multiple servers
- Mirroring: duplicating all processes and transactions of a server on a backup server to prevent any interruption
- Clustering: linking two computers together so that the second computer can act as a backup to the primary computer or speed up processing

Security Threats in the E-commerce Environment
- Three key points of vulnerability
  - the client
  - the communications pipeline
  - the server

Vulnerable Points in an E-commerce Environment

Electronic Commerce Threats: Client Threats
- Active content: Java applets, ActiveX controls, JavaScript, and VBScript
  - Programs that interpret or execute instructions embedded in downloaded objects
  - Malicious active content can be embedded into seemingly innocuous Web pages and is launched when you use your browser to view the page

Electronic Commerce Threats: Client Threats
- Cookies: remember user names, passwords, and other commonly referenced information
- Exercise: go to "cookie FAQs" on the text links page or http://www.cookiecentral.com/faq/
  - Are cookies dangerous?
  - How did they get to be called "cookies"?
  - What are the benefits of cookies?

Graphics, Plug-ins, and E-mail Attachments
- Code can be embedded into graphic images, causing harm to your computer
- Plug-ins are used to play audiovisual clips and animated graphics; they could contain ill-intentioned commands hidden within the object
- E-mail attachments can contain destructive macros within the document

Communication Channel Threats: Secrecy Threats
- Secrecy is the prevention of unauthorized information disclosure (a technical issue)
- Privacy is the protection of individual rights to nondisclosure (a legal issue regarding rights)
- Theft of sensitive or personal information is a significant danger
- Your IP address and the browser you use are continually revealed while on the Web

Communication Channel Threats
- Anonymizer: a Web site that provides a measure of secrecy as long as it is used as the portal to the Internet (http://www.anonymizer.com); check out "Here's what we know about you"
- Integrity threats: also known as active wiretapping
  - An unauthorized party can alter data, e.g., change the amount of a deposit or withdrawal
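The integrity threat above (an active wiretapper changing a deposit amount in transit) is what a keyed message authentication code is designed to detect. The following is an added illustration, not part of the lecture; the shared key, the transaction layout and the tampering model are constructed for the example.

```python
"""Detecting in-transit alteration of a bank transaction with HMAC-SHA256.
Added example, not the lecture's own code; key and message format are
constructed for illustration."""
import hashlib
import hmac
import json

# Constructed key, agreed in advance by the bank and its client. A party
# wiretapping the channel does not hold it.
SHARED_KEY = b"demo-key-shared-out-of-band"


def canonical(transaction: dict) -> bytes:
    """Serialize deterministically so sender and receiver MAC the same bytes."""
    return json.dumps(transaction, sort_keys=True, separators=(",", ":")).encode()


def protect(transaction: dict) -> dict:
    """Sender: attach an HMAC-SHA256 tag computed over the transaction."""
    tag = hmac.new(SHARED_KEY, canonical(transaction), hashlib.sha256).hexdigest()
    return {"transaction": transaction, "tag": tag}


def receive(message: dict):
    """Receiver: recompute the tag and compare in constant time.
    Returns the transaction if intact, or None if it was altered in transit."""
    expected = hmac.new(SHARED_KEY, canonical(message["transaction"]),
                        hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, message["tag"]):
        return None
    return message["transaction"]


def altered_in_transit(message: dict, new_amount: str) -> dict:
    """Models the slide's active wiretapper: the amount is changed on the
    wire, but without the key the tag cannot be recomputed to match."""
    tampered = {"transaction": dict(message["transaction"]), "tag": message["tag"]}
    tampered["transaction"]["amount"] = new_amount
    return tampered


if __name__ == "__main__":
    deposit = {"account": "12345678", "type": "deposit", "amount": "100.00"}
    wire = protect(deposit)
    print("intact  :", receive(wire))
    print("tampered:", receive(altered_in_transit(wire, "9100.00")))
```

The same check rejects a changed account number, which covers the "divert money from one account to another" case on the next slide as well.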

Communication Channel Threats: Necessity Threats
- Also known as delay or denial threats
- Disrupt normal computer processing, or deny processing entirely
- Slow processing to intolerably slow speeds
- Remove a file entirely, or delete information from a transmission or file
- Divert money from one bank account to another

Server Threats
- The more complex software becomes, the higher the probability that errors (bugs) exist in the code
- Servers run at various privilege levels
  - The highest levels provide the greatest access and flexibility
  - The lowest levels provide a logical fence around a running program

Server Threats
- The contents of a server's folders (file names) can be revealed to a Web browser
- Cookies should never be transmitted unprotected
- Sensitive files, such as username and password pairs or credit card numbers, must be protected
- Hacking and cracking: the Web server administrator is responsible for ensuring that all sensitive files are secure

Database Threats
- Once a user is authenticated to a database, selected database information is visible to the user
- Security is often enforced through the use of privileges
- Some databases are inherently insecure and rely on the Web server to enforce security measures

Other Threats: Common Gateway Interface (CGI) Threats
- CGIs are programs that present a security threat if misused
- CGI programs can reside almost anywhere on a Web server and are therefore often difficult to track down
- CGI scripts do not run inside a sandbox, unlike JavaScript

Other Threats
- Other programming threats include programs executed by the server
  - Buffer overruns can cause errors
  - Runaway code segments: the Internet Worm attack was a runaway code segment
  - Buffer overflow attacks occur when control is released by an authorized program but the intruder's code instructs control to be turned over to it

Tools Available to Achieve Site Security

Encryption
- Transforms plain text or data into cipher text that cannot be read by anyone other than the sender and the receiver
- Purpose: to secure stored information and to secure information transmission
- Cipher text: text that has been encrypted and thus cannot be read by anyone besides the sender and the receiver
- Symmetric key encryption: the DES standard is the most widely used

Encryption
- Public key cryptography uses two mathematically related digital keys: a public key and a private key
- The private key is kept secret by the owner, and the public key is widely disseminated
- Both keys can be used to encrypt and decrypt a message
- A key used to encrypt a message cannot be used to decrypt that message

Public Key Cryptography - A Simple Case

Public Key Cryptography with Digital Signatures

Public Key Cryptography: Creating a Digital Envelope
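The three diagrams above (the simple case, signing, and the digital envelope) worked through in code. This is an added illustration, not the lecture's own material: it uses textbook RSA with tiny constructed primes (p=61, q=53) and an HMAC-based stream cipher purely to make the key roles visible; neither offers real security.

```python
"""Worked version of the public-key slides: the simple case, a digital
signature and a digital envelope. Added illustration, not the lecture's
own code. Textbook RSA with tiny primes and a hash-based stream cipher,
both for teaching only; neither offers real security."""
import hashlib
import hmac
import os

# Constructed toy key pair from p=61, q=53: n=3233, e=17, d=2753.
BOB_PUBLIC = (17, 3233)     # widely disseminated
BOB_PRIVATE = (2753, 3233)  # kept secret by Bob

def rsa_transform(key, values):
    """Apply key=(exponent, n) to each small integer (one per byte)."""
    exponent, n = key
    return [pow(v, exponent, n) for v in values]

def simple_case(plaintext: bytes):
    """Slide 'A Simple Case': Alice encrypts with Bob's public key. Only the
    private key recovers the text; the public key that encrypted it does not."""
    ciphertext = rsa_transform(BOB_PUBLIC, plaintext)
    with_private = bytes(rsa_transform(BOB_PRIVATE, ciphertext))
    public_recovers = rsa_transform(BOB_PUBLIC, ciphertext) == list(plaintext)
    return with_private, public_recovers

def sign(private_key, message: bytes):
    """Digital signature: hash the message, then apply the signer's private key."""
    return rsa_transform(private_key, hashlib.sha256(message).digest())

def verify(public_key, message: bytes, signature):
    """Anyone with the public key can check the signature against the message."""
    digest = list(hashlib.sha256(message).digest())
    return rsa_transform(public_key, signature) == digest

def stream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR with an HMAC-SHA256 keystream in counter mode."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def seal_envelope(recipient_public, message: bytes):
    """Digital envelope: a fresh symmetric session key encrypts the bulk
    message; the session key is encrypted with the recipient's public key."""
    session_key = os.urandom(16)
    return rsa_transform(recipient_public, session_key), stream_xor(session_key, message)

def open_envelope(recipient_private, sealed_key, ciphertext: bytes) -> bytes:
    """Recipient unwraps the session key with the private key, then the message."""
    session_key = bytes(rsa_transform(recipient_private, sealed_key))
    return stream_xor(session_key, ciphertext)
```

Signing the hash rather than the whole message, and wrapping only the short session key in the envelope, is why the slow public-key operation handles a few bytes while the bulk data goes through the fast symmetric cipher.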

Securing Channels of Communications
- Secure Sockets Layer (SSL) is the most common form of securing channels
- Secure negotiated session: a client-server session in which the requested document URL, contents, forms, and cookies are encrypted
- Session key: a unique symmetric encryption key chosen for a single secure session

Secure Negotiated Sessions Using SSL

Securing Channels of Communications
- Secure Hypertext Transfer Protocol (S-HTTP): a secure message-oriented communications protocol for use with HTTP
- Virtual Private Networks (VPN): remote users can securely access internal networks via the Point-to-Point Tunneling Protocol (PPTP)

Protecting Networks
- Firewalls: software applications that act as a filter between a private network and the Internet
- Proxy server: a server that handles all communications originating from or being sent to the Internet, acting as a spokesperson or bodyguard for the organization

Policies, Procedures, and Laws
- Developing an e-commerce security plan
  - perform a risk assessment
  - develop a security policy
  - develop an implementation plan
  - create a security organization
  - perform a security audit

Tension Between Security and Other Values
- Ease of use: security often slows down processors and adds significantly to data storage demands; too much security can harm profitability, while not enough can mean going out of business
- Public safety and criminal use: the claims of individuals to act anonymously vs. the needs of public officials to maintain public safety in light of criminals or terrorists

Security Policy and Integrated Security
- Security policy: a written statement describing what assets are to be protected and why, who is responsible, and which behaviors are acceptable or not
- Areas covered
  - Physical security
  - Network security
  - Access authorizations
  - Virus protection
  - Disaster recovery

Specific Elements of a Security Policy
- Authentication: who is trying to access the site?
- Access control: who is allowed to log on and access the site?
- Secrecy: who is permitted to view selected information?
- Data integrity: who is allowed to change data?
- Audit: what and who causes selected events to occur, and when?

Computer Emergency Response Team (CERT)
- Housed at Carnegie Mellon University
- Responds to security events and incidents within the U.S. government and private sector

Some questions
- Can Internet security measures actually create opportunities for criminals to steal? How?
- Why are some online merchants hesitant to ship to international addresses?
- What are some steps a company can take to thwart cyber-criminals from within a business?
- Is a computer with anti-virus software protected from viruses? Why or why not?
- What are the differences between encryption and authentication?
- Discuss the role of administration in implementing a security policy.

Group Exercise
- Given the shift to m-commerce, identify and discuss the new security threats to this type of technology.
- What are some of the non-security impacts on society?
- Select a reporter and give a brief synopsis of your views to the class.