Presentation is loading. Please wait.

Presentation is loading. Please wait.

SECURITY MECHANISM & E-COMMERCE

Published byPreston Wilkerson Modified over 5 years ago

Similar presentations

Presentation on theme: "SECURITY MECHANISM & E-COMMERCE"— Presentation transcript:

1 SECURITY MECHANISM & E-COMMERCE
Mr. In-Seop Lee KT/ITU-SG 2

2 Importance of Network Security
Background Explosive growth of computers and network - To protect data and resources - To guarantee the authenticity of data - To protect systems Reliability Complexity of the Transition Unproven Services Increased Telecom Costs Increased Operating Costs Quality of Management Tools Security Lack of Standards Lack of Applications to Exploit Other 75% 73% 64% 69% 62% 61% 60% 48% 1% Source: Information Week. Concerns of IT executives ITU-T Workshop on Security - Seoul (Korea), May 2002

3 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
Security aspects Security Attacks : An action that compromise the information Security Mechanism : Design to protect,prevent,recover from attacks Security Service : Enhance the security of data,systems, transfer Relationship between security objectives Treats Security Requirements services mechanisms algorithms objectives ITU-T Workshop on Security - Seoul (Korea), May 2002

4 INFORMATION FLOW MODEL
Source Destination NORMAL FLOW A B ITU-T Workshop on Security - Seoul (Korea), May 2002

5 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
SECURITY THREATS INTERRUPTION A B INTERCEPTION B A X AVAILABILITY CONFIDENTIALITY MODIFICATION A B X FABRICATION A B X INTEGRITY AUTHENTICITY ITU-T Workshop on Security - Seoul (Korea), May 2002

6 SECURITY REQUIREMENTS
CONFIDENTIALITY AUTHENTICATION INTEGRITY AVAILABILITY Communications & IT NON-REPUDIATION ITU-T Workshop on Security - Seoul (Korea), May 2002

7 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
SECURITY SERVICES Confidentiality Protection of transmitted data Authentication Assuring that communication is authentic Integrity Assuring that message has originality Non-repudiation Preventing denying message Access Control Limit & control the access Availability Automated or physical countermeasures ITU-T Workshop on Security - Seoul (Korea), May 2002

8 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
MODEL FOR NETWORK SECURITY ITU-T Workshop on Security - Seoul (Korea), May 2002

9 SIX LAYERS OF NETWORK SECURITY
SECURITY AUDITING SECURITY TOOLS SOFTWARE MONITORING PHYSICAL SECURITY NETWORK ADMINISTRATOR ITU-T Workshop on Security - Seoul (Korea), May 2002

10 Secure E-Commerce EXAMPLE
Security & Trust Increase Enlarge Internet intrinsic not possess an unique control world wide changing traditional “paper-based” transactions not offering an adequate protection,mechanisms * Need to countermeasures ITU-T Workshop on Security - Seoul (Korea), May 2002

11 SECURE E-COMMERCE: Security & Trust
For Buyer & Merchant Trust Business & Legal Relationships Security IT Applications & Systems Correct Biz Legal trustworthy Technical Protections ITU-T Workshop on Security - Seoul (Korea), May 2002

12 STRUCTURING SOLUTIONS
Trust Third party Interactions Security Fraud Controls IT Infrastructure International Legislation Insurance Technology & Management Policy ITU-T Workshop on Security - Seoul (Korea), May 2002

13 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
TECHNICAL SOLUTIONS Mechanisms - Verify the Actors’ Identity - Authorize Access to Resources - Protect Privacy - Keep Confident Sensitive Data Techniques - Firewall, SSL,VPN, IDS, - Authentication, Secure Applications (Web, DBMS, etc.), IPDR and Click Stream Analysis ITU-T Workshop on Security - Seoul (Korea), May 2002

14 OPEN PROBLEMS of E-COMMERCE (credibility,efficiency,solvency)
Good’s Quality & Quantity After-sales assistance Privacy Safeguard Buyer’s Solvency Risk Related to the Purchase Business Risk Involved ITU-T Workshop on Security - Seoul (Korea), May 2002

15 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
TRUST SOLUTIONS International Legislation Customer Profile check Payment Methods assessment For Merchants to preserve the merchant public reputation and credibility to guarantee the payments to reduce the merchants’ economical losses due to fraudulent orders. Third Party Interactions Insurance ITU-T Workshop on Security - Seoul (Korea), May 2002

16 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
TRUST SOLUTIONS International Legislation Product Quality Product Delivery For Buyers - verification of process control - process based on information Third Party Interactions Insurance ITU-T Workshop on Security - Seoul (Korea), May 2002

17 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
RISK MANAGEMENT Secure E-commerce Security factors Trust factor Risk Management strategy Managing risks - Scan environments & identify risks Analyze risks & prioritized Define the solution ITU-T Workshop on Security - Seoul (Korea), May 2002

18 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
Conclusions Security Solutions Business loss Threats Investment costs Trust Solutions Thank you very much !!! ITU-T Workshop on Security - Seoul (Korea), May 2002

Download ppt "SECURITY MECHANISM & E-COMMERCE"

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
© 1998-2003 ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Building Confidence in E-government Services ITU-T Workshop on.

© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Building Confidence in E-government Services ITU-T Workshop on.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC513-01 Instructor:Professor Anvari Student ID:106845 Name:Xin Wen Date:11/25/00.

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
Chapter 1 – Introduction

Chapter 1 – Introduction
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Topics in Information Security Prof. JoAnne Holliday Santa Clara University.

Topics in Information Security Prof. JoAnne Holliday Santa Clara University.
An Introduction to Information Assurance COEN 150 Spring 2007.

An Introduction to Information Assurance COEN 150 Spring 2007.
Information Assurance and Security: Overview. Information Assurance “Measures that protect and defend information and information systems by ensuring.

Information Assurance and Security: Overview. Information Assurance “Measures that protect and defend information and information systems by ensuring.
1 Cryptography and Network Security Fourth Edition by William Stallings Lecture slides by Lawrie Brown Changed by: Somesh Jha [Lecture 1]

1 Cryptography and Network Security Fourth Edition by William Stallings Lecture slides by Lawrie Brown Changed by: Somesh Jha [Lecture 1]

Similar presentations

Ads by Google