INE1020: Introduction to Internet Engineering 6: Privacy and Security Issues. Lecture 9: E-commerce & Business

Lecture 9: E-commerce & Business
- E-Commerce
- Security Issues
  - Secure Transaction
  - Secure Network

1. E-Commerce
- Refers to all commercial transactions conducted over the Internet; may include:
  - Banking
  - Sending orders
  - Investing
- E-Business Models
  - Store Front
  - Shopping-Cart Technology
  - Auction Model

1. E-Commerce Models
- Storefront
  - What many people think of when they hear "e-commerce."
  - Enables a merchant to sell products online:
    - Organize product catalogs through their websites
    - Take orders through the web
    - Accept payment
    - Manage customer information
- Shopping-cart
  - Allows customers to accumulate items they wish to buy as they browse the website.
  - E.g., Amazon.com
- Auction Model
  - The web offers a wide variety of auction sites that act as forums where Internet users take the roles of sellers and buyers.
  - E.g., eBay

1. E-Commerce & Security
- Security Made E-Commerce Possible
  - The most common form of e-commerce transaction consists of a retail purchase from a catalog.
  - Provides a way for the user to:
    - Purchase the item
    - Manipulate a shopping cart
    - Select a payment method

1. Secure Sockets
- A browser keeps messages private by using encryption technology.
  - The encryption process is entirely hidden from users.
  - The browser handles the details.
  - It encrypts the message before sending it.
  - Technology used: SSL (Secure Sockets Layer). Its successor, TLS (Transport Layer Security), is what browsers actually run today; the name "SSL" is still used loosely for both.
  - With SSL, a browser can encrypt messages so that their content remains private in transit. SSL protects the connection only: once the data is stored on the merchant's server it is no longer covered (see Transaction vs. Network Security below).

2. Cryptography
- 2 categories of cryptography, based on the key used:
  - Symmetric key crypto: sender's and receiver's keys are identical
  - Public-key crypto: the encryption key is different from the decryption key
[Figure: plaintext -> encrypt with K_A -> ciphertext -> decrypt with K_B -> plaintext]

2. Cryptography Concepts
- Cryptography: processing data into an unintelligible form (the idea of encryption)
- Encryption turns plaintext into ciphertext; decryption turns the ciphertext back into plaintext (e.g., "This is a plaintext" -> "gH*lbz")
- Cryptosystems:
  - Secret Key System
  - Public Key System

2. Cryptographic Algorithms
- Secret key algorithms
  - DES (Data Encryption Standard)
  - IDEA (International Data Encryption Algorithm)
- Public key algorithms
  - RSA (Rivest, Shamir, and Adleman)
- Message Digest (cryptographic checksum)
  - MD5
- Note: MD5 and single DES are named here as classic examples; both are obsolete for security use today (practical collision attacks on MD5 and brute-force key recovery on 56-bit DES are well established). SHA-256 and AES are the current equivalents.

Secret (Symmetric) Key
- Encrypting and decrypting a message using the same key
  - Sender and receiver must both hold the key before the message is sent; the key has to reach the receiver over a separate, secure channel. It cannot simply be sent alongside the message, since anyone who intercepts the message would then hold the key too.
- Problems:
  - The key must be transmitted to the receiver
  - A different key is needed for every receiver
  - Key distribution centers are used to reduce these problems: the center generates a session key and sends it to sender and receiver, encrypted under the unique key each of them shares with the center
- Examples of encryption algorithms:
  - Data Encryption Standard (DES), Triple DES, Advanced Encryption Standard (AES)

Secret Key (DES): Symmetric
[Figure: plaintext "This is a plaintext" -> Encrypt (secret key) -> ciphertext "gH*lbz" -> Decrypt (same secret key) -> plaintext "This is a plaintext"]

Public (Asymmetric) Key
- Encrypting and decrypting a message using different keys
  - Asymmetric: two inversely related keys
    - Private key
    - Public key
  - Each party has both a public and a private key
  - Either the public key or the private key can be used to encrypt a message
  - If the public key encrypts, only the private key can decrypt, and vice versa
  - Encrypting with the public key keeps the message confidential to the holder of the private key; encrypting with the private key proves identity, since anyone holding the public key can check that only the private-key holder could have produced the message
- Example: RSA public key algorithm

Public Key (RSA): Asymmetric
[Figure: plaintext "This is a plaintext" -> Encrypt (public key) -> ciphertext "gH*lbz" -> Decrypt (private key) -> plaintext "This is a plaintext"]

Message Digest
- Even when an attacker cannot decrypt the ciphertext, they may still be able to intercept it, flip or insert a few bits, and change the message completely
- How to prevent this from happening?
  - Send a message digest together with the message. The digest must itself be protected (signed with the sender's private key, or computed with a shared secret as a MAC): an attacker who can alter the message could otherwise simply recompute the digest as well.
- What is a message digest?
  - A hash of the message; it has very few bits compared with the message (a fixed length, e.g., 128 bits)
[Figure: Document -> One-way hashing function -> Message digest]

Message Digest
- MD5 (cryptographic checksum)
- Hash algorithm (one-way function)
- Input: variable-length message (or a document)
- Output: fixed-length cryptographic checksum (e.g., 128 bits)
- The result is also called the hash or message digest
- Protects message integrity (e.g., against deliberate and accidental tampering)

Message Digest
- A simple example of a hashing function using the remainder
  - E.g., let a = 1, b = 2, ..., z = 26
- To hash 'apple' into a number between 0 and 9:
  - Add up the letters: apple = 1 + 16 + 16 + 12 + 5 = 50
  - Divide the sum by 10
  - The remainder is the hashed value (50 mod 10 = 0)
  - Send 'apple' together with the hash value 0
- If apple is changed to opple, you can detect it because the hash code is different
  - o = 15, so o+p+p+l+e = 15 + 16 + 16 + 12 + 5 = 64, hash code = 4
- This toy hash is not cryptographic: any change that keeps the last digit of the sum goes undetected (e.g., reordering the letters, or changing 'a' to 'k', which adds exactly 10), and an attacker who alters the message can trivially recompute the hash to match
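As an added example that is not part of the lecture, the following Python reproduces the slide's remainder hash, shows how easily it collides, and then contrasts an unkeyed cryptographic digest with a keyed one (HMAC) under the tampering scenario the message-digest slides describe. The sample payment messages and the shared key are constructed for the demo.

```python
import hashlib
import hmac
import secrets


def toy_hash(word: str) -> int:
    """The slide's remainder hash: a=1 ... z=26, sum the letters, keep mod 10."""
    return sum(ord(c) - ord("a") + 1 for c in word.lower() if c.isalpha()) % 10


def digest(message: bytes) -> str:
    """Unkeyed cryptographic hash (SHA-256 here, in the role the slide gives MD5)."""
    return hashlib.sha256(message).hexdigest()


def mac(key: bytes, message: bytes) -> str:
    """Keyed digest (HMAC-SHA256): a message integrity code that only a holder
    of `key` can recompute."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


# Constructed sample traffic (not from the lecture): a payment instruction and
# the attacker's replacement for it.
ORDER = b"pay 100 dollars to account 1234"
FORGED = b"pay 900 dollars to account 9999"


def unkeyed_digest_detects_forgery() -> bool:
    """Sender transmits (message, digest). An active attacker who can rewrite
    the message can just as easily rewrite the digest, so the receiver's
    recomputation matches and the forgery is accepted. Returns False."""
    recv_msg, recv_digest = FORGED, digest(FORGED)   # both replaced in transit
    receiver_accepts = hmac.compare_digest(digest(recv_msg), recv_digest)
    return not receiver_accepts


def keyed_mac_detects_forgery() -> bool:
    """Sender and receiver share `key` (exchanged in advance over a secure
    channel). The attacker can replace the message but cannot produce a
    matching tag without the key, so the receiver rejects it. Returns True."""
    key = secrets.token_bytes(32)
    sent_tag = mac(key, ORDER)
    recv_msg, recv_tag = FORGED, sent_tag            # attacker keeps the old tag
    receiver_accepts = hmac.compare_digest(mac(key, recv_msg), recv_tag)
    return not receiver_accepts


if __name__ == "__main__":
    print("apple ->", toy_hash("apple"), " opple ->", toy_hash("opple"))
    print("collisions: kpple ->", toy_hash("kpple"), " pleap ->", toy_hash("pleap"))
    print("unkeyed digest detects forgery:", unkeyed_digest_detects_forgery())
    print("keyed MAC detects forgery:", keyed_mac_detects_forgery())
```

The point of the two scenarios is the one the slide leaves implicit: a digest sent in the clear next to the message only catches accidental corruption. Against an attacker on the path, the digest has to be something the attacker cannot regenerate, which is what the key in the HMAC (or a signature, on the later slides) provides.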

Security Services & Cryptography
[Figure: Security = Cryptography algorithms (Public key, e.g., RSA; Secret key, e.g., DES; Message digest, e.g., MD5) providing Security services (Authentication, Privacy, Message integrity)]

Security Services & Cryptography
- Security services
  - Privacy: preventing unauthorized release of information
  - Authentication: verifying the identity of the remote participant
  - Integrity: making sure the message has not been altered
- Functions provided by cryptography
  - Privacy: only those who hold the right key (the shared secret key, or the private key matching the public key used for encryption) can decrypt the message
  - Authentication: use a digital signature (a code that can be generated only by one participant, e.g., using his/her private key)
  - Integrity: a message integrity code (MIC) is added to the message. The MIC is a kind of checksum, but one computed with a key or signed, so that an attacker who alters the message cannot produce a matching MIC

Digital Signatures
- Digital signature
  - The electronic equivalent of a written signature.
  - Authenticates the sender's identity
    - Sender (Bob) digitally signs the document, establishing that he is the document's owner/creator.
    - Verifiable, nonforgeable: recipient (Alice) can verify that Bob, and no one else, signed the document.
  - A digital signature combines a public-key algorithm with a message digest.
    - Digital signature = signed message digest
    - The sender uses its private key to sign the digest of the message; the recipient recomputes the digest and checks it against the signature using the sender's public key.

Digital Signatures
- Bob sends a digitally signed message [figure]
- Alice verifies the signature and integrity of the digitally signed message [figure]

Transaction Security Protocols
- Secure Sockets Layer (SSL)
  - Uses public-key technology and digital certificates to authenticate the server in a transaction
  - Protects information as it travels over the Internet
[Figure: "Without using SSL" vs. "When using SSL"]
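An added example, not from the lecture: the server authentication the slide attributes to SSL only happens if the client actually checks the certificate chain and the host name. In Python's standard `ssl` module that is the default, but it is routinely switched off to silence errors, which keeps the encryption and discards the authentication. The function below builds the verifying context beside the weakened one; `fetch_server_cert` shows how the context is used on a real connection (the host is a parameter supplied by the caller, and it needs network access, so it is not exercised offline).

```python
import socket
import ssl


def client_context(verify_server: bool = True) -> ssl.SSLContext:
    """TLS client context. With verify_server=True (the browser-like default)
    the server's certificate must chain to a trusted CA and its name must match
    the host we asked for. verify_server=False is the common mistake that
    keeps the encryption but drops the authentication: anyone in the middle
    can present a certificate of their own and the client will accept it."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2    # refuse SSL 3.0 / TLS 1.0 / 1.1
    if not verify_server:
        ctx.check_hostname = False                   # must be cleared before verify_mode
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def describe(ctx: ssl.SSLContext) -> dict:
    """Summarise what a context will actually enforce on a connection."""
    return {
        "verifies_certificate": ctx.verify_mode == ssl.CERT_REQUIRED,
        "checks_hostname": ctx.check_hostname,
        "minimum_version": ctx.minimum_version.name,
    }


def fetch_server_cert(host: str, port: int = 443) -> dict:
    """Open a verified TLS connection and return the server's certificate.
    server_hostname is what the hostname check and SNI are based on."""
    ctx = client_context(verify_server=True)
    with socket.create_connection((host, port), timeout=5) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    print("verifying context:", describe(client_context(True)))
    print("weakened context: ", describe(client_context(False)))
```

The practical check when reviewing client code is the `describe` output of whatever context it builds: `verifies_certificate` and `checks_hostname` must both be true, otherwise the "authenticate the server" property on the slide is not actually obtained.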

Transaction vs. Network Security
- Transaction security protocols protect information as it travels over the Internet
  - They do not protect it once it is stored on the receiver's servers
  - Need to protect the servers:
    - Protect the network: network security
    - Protect the building where the servers are located
- Network security
  - Allow authorized users access
  - Prevent unauthorized users from obtaining access
  - Example: firewall

3. Firewalls
- A specially programmed router between a site and the rest of the Internet
- Connects to 2 or more networks
- Forwards and filters packets
- Denial-of-service
  - Filters packets based on source IP address
  - Protects hosts within a site from unwanted flooding by external packets
- 2 categories
  - Filter-based
  - Proxy-based
[Figure: Rest of the Internet -- Firewall -- Local site]

3. Firewalls
- Filter-Based Solution
  - Table of entries (source IP addr, source port, dest. IP addr, dest. port)
  - Examples:
    - Filter all packets from port 1234 on one host addressed to well-known port 80 on another: (source host, 1234, destination host, 80)
    - Filter all packets addressed to port 80 on a host: (*, *, destination host, 80)
    - Only allow access to port 25 (e.g., the mail server): (*, *, mail server, 25)
  - How dynamic?
    - Install new filters while the firewall is running
    - Patterns are extended to include new ports as new TCP connections are established (the port number may not be known in advance)
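As an added example (not the lecture's), a small first-match packet filter in Python over the four-tuple from the slide, loaded with the slide's three rules plus a source-network block for the denial-of-service case from the previous slide. The addresses are taken from the RFC 5737 documentation ranges and the host roles (web server, mail server, flooding network) are assumed.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Rule:
    src: str               # IP or CIDR, or "*" for any
    sport: Optional[int]   # None = any port
    dst: str
    dport: Optional[int]
    action: str            # "allow" or "deny"


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


def _addr_matches(pattern: str, addr: str) -> bool:
    return pattern == "*" or ipaddress.ip_address(addr) in ipaddress.ip_network(pattern, strict=False)


def _port_matches(pattern: Optional[int], port: int) -> bool:
    return pattern is None or pattern == port


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    return (_addr_matches(rule.src, pkt.src) and _port_matches(rule.sport, pkt.sport)
            and _addr_matches(rule.dst, pkt.dst) and _port_matches(rule.dport, pkt.dport))


def filter_packet(rules: List[Rule], pkt: Packet, default: str = "deny") -> str:
    """First matching rule wins; a packet matching no rule gets the default.
    Default-deny is the safe choice: an 'allow port 25' rule on its own says
    nothing about the other ports, so they must fall through to a deny."""
    for rule in rules:
        if rule_matches(rule, pkt):
            return rule.action
    return default


# Constructed rule table (assumed hosts, RFC 5737 documentation addresses),
# in the order the rules are consulted.
RULES = [
    Rule("203.0.113.0/24", None, "*", None, "deny"),         # DoS: drop a flooding source network
    Rule("192.0.2.10", 1234, "198.51.100.80", 80, "deny"),   # slide rule 1: one client to the web server
    Rule("*", None, "198.51.100.80", 80, "deny"),            # slide rule 2: all web traffic to that host
    Rule("*", None, "198.51.100.25", 25, "allow"),           # slide rule 3: mail server only
]


def decide(src: str, sport: int, dst: str, dport: int) -> str:
    return filter_packet(RULES, Packet(src, sport, dst, dport))


if __name__ == "__main__":
    for pkt in [("192.0.2.10", 1234, "198.51.100.80", 80),
                ("192.0.2.77", 51000, "198.51.100.25", 25),
                ("203.0.113.9", 51000, "198.51.100.25", 25),
                ("192.0.2.77", 51000, "198.51.100.25", 22)]:
        print(pkt, "->", decide(*pkt))
```

Rule order is part of the policy: with first-match semantics, moving the flooding-network deny below the mail-server allow lets the flood reach port 25, which is the kind of interaction that makes complex policies hard to express as filters (the problem the next slide raises).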

3. Firewalls
- Problem: complex policy
- Example: to make certain pages of a web server available to all external users
- Unable to express such a policy as filters
[Figure: Company net (Web server) -- Firewall -- Internet (Random external user, Remote company user)]

3. Firewalls
- Solution: put an HTTP proxy on the firewall
- Proxy: a process between a client and a server
- The remote user establishes a connection to the proxy
- If the requested page is allowed, the proxy establishes a connection to the server; else it returns an error
- Policy is embodied in the application-specific proxy
[Figure: External client --(external HTTP/TCP connection)--> Proxy on firewall --(internal HTTP/TCP connection)--> Local server]

Further Readings
- Reading assignment: Chapter 30 of the textbook
- This lecture is intended to provide a brief introduction to network and transaction security; students who wish to invest more time in studying security issues are referred to the following resources:
- Security Issues:
  - Davis, Chapter 8.
- A master's-level course, IEG 7006: System Administration and Network Security, explores security issues in depth