
The Ecommerce Security Environment

For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and businessmen worldwide. For criminals, the internet has created entirely new and lucrative ways to steal.

Dimensions of Ecommerce Security

There are six dimensions to ecommerce security: integrity, non-repudiation, authenticity, confidentiality, privacy, and availability.

Integrity

Integrity refers to the ability to ensure that information being displayed on a website, or transmitted or received over the internet, has not been altered in any way by an unauthorized party or an unauthorized person.

Non-repudiation

Non-repudiation refers to the ability to ensure that ecommerce participants do not deny their online actions. For instance, free accounts make it easy for a person to post comments or send a message and perhaps later deny doing so.

Authenticity

Authenticity refers to the ability to identify the identity of a person or entity with whom you are dealing on the internet. How does the customer know that the web site operator is who it claims to be?

Confidentiality

Confidentiality refers to the ability to ensure that the message and data are available only to those who are authorized to view them.
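An added example, not part of the original slides, of how the integrity, authenticity and non-repudiation dimensions differ in practice: a shared-key HMAC over an order detects alteration and rejects tags made without the key, yet either key holder can produce the tag, so it cannot prove which of them sent the order. The key, the order fields and the function names are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key, assumed to be shared by customer and merchant.
SHARED_KEY = b"constructed-demo-key-shared-by-customer-and-merchant"


def canonical(order: dict) -> bytes:
    """Serialize the order deterministically so both sides tag the same bytes."""
    return json.dumps(order, sort_keys=True, separators=(",", ":")).encode()


def tag(order: dict, key: bytes = SHARED_KEY) -> str:
    """Compute an HMAC-SHA256 tag over the canonical order bytes."""
    return hmac.new(key, canonical(order), hashlib.sha256).hexdigest()


def verify(order: dict, received_tag: str, key: bytes = SHARED_KEY) -> bool:
    """Recompute the tag and compare in constant time."""
    return hmac.compare_digest(tag(order, key), received_tag)


def demo() -> dict:
    # Constructed sample order.
    order = {"order_id": 1001, "item": "book", "amount": "19.99", "currency": "USD"}
    customer_tag = tag(order)

    # Integrity: a change made in transit no longer matches the tag.
    altered = dict(order, amount="1.99")

    # Authenticity: a party without the shared key cannot produce a valid tag.
    outsider_tag = tag(order, key=b"constructed-key-of-an-outsider")

    # Non-repudiation is not provided: the merchant holds the same key and
    # computes an identical tag, so the tag does not prove who created it.
    merchant_tag = tag(order)

    return {
        "unaltered_accepted": verify(order, customer_tag),
        "altered_accepted": verify(altered, customer_tag),
        "outsider_accepted": verify(order, outsider_tag),
        "merchant_can_reproduce_tag": hmac.compare_digest(merchant_tag, customer_tag),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Non-repudiation needs a digital signature instead, where only the signer holds the private key and anyone can verify with the public key.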

Privacy

Privacy refers to the ability to control the use of information a customer provides about himself or herself to an ecommerce merchant.

Availability

Availability refers to the ability to ensure that an ecommerce site continues to function as intended.

Security Threats in the Ecommerce Environment

From a technology perspective, there are three key points of vulnerability when dealing with ecommerce: the client, the server and the communication pipeline.

The seven most damaging forms of security threats to ecommerce sites:

1) Malicious Code
2) Hacking & cybervandalism
3) Credit Card Theft/Fraud
4) Spoofing
5) Sniffing

Malicious Code

Malicious code (sometimes referred to as “malware”) includes a variety of threats such as viruses, worms, Trojan horses, and “bad applets”.

Hacking and Cybervandalism

A hacker is an individual who intends to gain unauthorized access to a computer system. Hackers gain unauthorized access by finding weaknesses in the security. Cybervandalism means intentionally disrupting, defacing, or even destroying the site.

The “good hackers” became known as white hats because of their role in helping organizations locate and fix security flaws. In contrast, black hats are hackers who engage in the same kind of activities without pay or any buy-in from the targeted organizations, and with the intention of causing harm. Somewhere in the middle are grey hat hackers, who believe they are pursuing some greater good by breaking in and revealing system flaws. Grey hats discover weaknesses in the system’s security and then publish the weakness without disrupting the site or attempting to profit from their finds.

Credit Card Fraud

What is one of the most-feared occurrences on the internet? Theft of credit card data. Fear that their credit card information will be stolen frequently prevents users from making online purchases. In ecommerce, the greatest threat to the consumer is that the merchant’s server with which the consumer is transacting will “lose” the credit information or permit it to be delivered for a criminal purpose.

Spoofing

Hackers attempting to hide their true identity often spoof, or misrepresent themselves, by using fake addresses or masquerading as someone else.

Sniffing

A sniffer is a type of eavesdropping program that monitors information travelling over a network. When used legitimately, sniffers can help identify potential network trouble spots, but when used for criminal purposes, they can be damaging and very difficult to detect. Sniffers enable hackers to steal proprietary information from anywhere on a network, including messages, company files, and confidential reports.