Course code: ABI 204 Introduction to E-Commerce
Chapter 5: Security Threats to Electronic Commerce
AMA University


Security Overview

Computer security is the protection of assets from unauthorized access, use, alteration, or destruction.

Two types of security:
- Physical security
- Logical security

Computer Security Classification

Three computer security categories:
- Secrecy refers to protecting against unauthorized data disclosure and ensuring the authenticity of the data's source.
- Integrity refers to preventing unauthorized data modification.
- Necessity refers to preventing data delays or denials.

Security Policy and Integrated Security

A security policy is a written statement describing which assets to protect and why they are being protected, who is responsible for that protection, and which behaviours are acceptable and which are not.

Specific elements of a security policy address the following points:
- Authentication: Who is trying to access the electronic commerce site?
- Access control: Who is allowed to log on to and access the electronic commerce site?
- Secrecy: Who is permitted to view selected information?
- Data integrity: Who is allowed to change data, and who is not?
- Audit: Who or what causes selected events to occur and when?

Intellectual Property Threats

Intellectual property is the ownership of ideas and control over the tangible or virtual representation of those ideas.
- U.S. Copyright Act of
- Copyright Clearance Center provides copyright information.
- Copyright infringements on the Web occur because users are ignorant of what they can and cannot copy.

Domain Names

Issues of intellectual property rights for Internet domain names:
- Cybersquatting
- Name changing
- Name stealing

Domain Names

- Cybersquatting is the practice of registering a domain name that is the trademark of another person or company in the hopes that the owner will pay huge amounts of money to acquire the URL.
- Name changing occurs when someone registers purposely misspelled variations of well-known domain names.
- Name stealing occurs when someone changes the ownership of the domain name assigned to another site and owner.
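A brand owner can watch for the "name changing" case above by comparing newly observed domain names against its own. The following is an added example, not part of the original slides: the domain names are constructed sample data, and the homoglyph table, the naive label extraction and the distance threshold of 1 are assumptions chosen for illustration.

```python
# Added example: flag observed domains that look like misspellings of a protected name.
# Every domain name in this block is constructed sample data.

# Assumption: a small table of digit-for-letter swaps seen in lookalike names.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

PROTECTED = ["examplestore.com"]
OBSERVED = ["examplestore.com", "exampelstore.com", "examp1estore.com",
            "examplestore.net", "examplstore.com", "weather-report.org"]

def label(domain):
    """Label left of the TLD (naive: assumes single-part suffixes, not .co.uk)."""
    parts = domain.lower().strip(".").split(".")
    return parts[-2] if len(parts) > 1 else parts[0]

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def flag_lookalikes(protected, observed, max_distance=1):
    """Return sorted (observed, protected, distance) tuples for near-miss names."""
    owned = {d.lower() for d in protected}
    hits = []
    for dom in observed:
        if dom.lower() in owned:
            continue  # the legitimate domain itself
        cand = label(dom).translate(HOMOGLYPHS)  # undo digit-for-letter swaps
        for good in protected:
            dist = osa_distance(cand, label(good))
            if dist <= max_distance:
                hits.append((dom, good, dist))
    return sorted(hits)

if __name__ == "__main__":
    for dom, good, dist in flag_lookalikes(PROTECTED, OBSERVED):
        print(f"{dom} resembles {good} (distance {dist})")
```

A distance of 0 here means the name matches the protected label after homoglyph normalization or differs only in its top-level domain.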

Client Threats

Web pages were mainly static. The widespread use of active content has changed the function of Web pages.

Sources of client threats:
- Active content: refers to programs that are embedded transparently in Web pages and that cause actions to occur.
- Java, Java applets, and JavaScript
- ActiveX controls
- Graphics, plug-ins, and attachments

Virus

- A virus is software that attaches itself to another program and can cause damage when the host program is activated.
- Worm viruses replicate themselves on other machines.
- A macro virus is coded as a small program and is embedded in a file.
- A Trojan horse is a program hidden inside another program or Web page that masks its true purpose.
- A zombie is a program that secretly takes over another computer for the purpose of launching attacks on other computers.

Communication Channel Threats

The Internet is not at all secure. Messages on the Internet travel a random path from a source node to a destination node.

Internet channel security threats include:
- Secrecy
- Integrity
- Necessity

Wireless Network Threats

- WAPs provide network connections to computers and other mobile devices within a range of several hundred feet.
- The security of that connection depends on the WEP, which is a set of rules for encrypting transmissions from the wireless devices to the WAPs.
- Wardrivers are attackers that drive around in cars using their wireless-equipped laptop computers to search for accessible networks.

Server Threats

Servers have vulnerabilities that can be exploited to cause destruction or to acquire information illegally.

Server threats include:
- Web server threats
- Database threats
- Common gateway interface threats
- Other programming threats
- Threats to the physical security of servers

Computer Security Resources

- CERT
- SANS Institute
- Internet Storm Center
- Center for Internet Security
- Microsoft Research Security
- U.S. Dept. of Justice Cybercrime
- National Infrastructure Protection Center