Presentation is loading. Please wait.

Presentation is loading. Please wait.

Electronic Commerce 2. Definition Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Electronic Commerce 2. Definition Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World."— Presentation transcript:

1 Electronic Commerce 2

2 Definition Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World Wide Web. Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World Wide Web.

3 Security A key issue in Ecommerce Firewalls are critical in ensuring host sites are secure If sites are not secure all the rest is worthless

4 Firewalls can be an effective means of protecting a system or network from network-based security threats while providing access to the outside world positioned between the system(s) and the outside world all external traffic must pass through it a single choke point where security measures can be concentrated

5 Types of Firewall there are hardware and software firewalls can be implemented on a designated gateway or dedicated machine there are three types: packet filtering routers packet filtering routers application-level gateway application-level gateway circuit-level gateway circuit-level gateway

6 Packet Filtering Routers Also known as a screen A router that applies a set of rules to incoming and outgoing packets: based on fields in the IP and transport header based on fields in the IP and transport header e.g. source, destination IP, port and IP protocol e.g. source, destination IP, port and IP protocol where no rule exists to discard of forward where no rule exists to discard of forward

7 Application-Level Gateway An application-level gateway acts as a relay of application-level traffic also known as a proxy server users contact the proxy using TCP/IP based applications the gateway checks and forwards for supported/allowed applications or safe sub- sets/features thereof these tend to be more secure than packet filters need only to scrutinise a few supported applications disadvantage: processing overhead

8 Circuit-level Gateway Can be stand-alone system or hosted does not permit end-to-end TCP connection sets up two TCP connection one on either side TCP segments are relayed without examining content based on the principle of allowing connections only to select/trusted hosts usually used for outgoing connections can therefore complement application-layer gateways for incoming traffic

9 Bastion Host Applied to critical strong point in the network’s security can support application or circuit layer gateways runs on a dedicated host with secure operating system only essential services are installed (proxy applications like Telnet, DNS, FTP, SMTP and user authentication allows access only to specific hosts detailed logs are kept dedicated code of small size to increase speed no disk access to combat trojan horses runs as a non-privileged user in a private and secured directory on the bastion host

10 Firewall Configurations In addition to simple firewalls as described, more complex configurations are common

11 screened host firewall, single- homed bastion Screen Bastion

12 screened host firewall, dual-homed bastion Screened host Bastion home 1 Bastion Home 2

13 screened subnet firewall Screened subnet

14 Four ways to improve public confidence  Using third party authenticated services for securing credit card transactions  Ensuring the public:  can easily distinguish between well known trusted brands and traders and suspect third parties.  are aware of actual fraud levels including ecommerce vs conventional levels  are aware of likely sources of fraud: e.g. suspect sites and trojan horses.

15 Old Threats in New Forms Conventionally credit card details may be obtained via of bills or counter foils telephone transactions may be with spurious agents intent on fraud. Normal credit card fraud prevention eliminates fraud or rapidly identifies potential fraudsters and rejects transactions

16 New Threats Phishing Setting up spurious sites to obatin personal details to allow imposters to masquerade Setting up spurious sites to obatin personal details to allow imposters to masquerade Identity Theft

17 Conclusion Trust in Ecommerce is critically dependent on secure web services Firewalls are the key technology in keeping the hosts of web services secure There are several sorts of firewall but all operate by dividing the world into secure and insecure areas.

18 Further Information Evaluation and testing of internet firewalls Evaluation and testing of internet firewalls Khalid Al-Tawil, Ibrahim A. Al-Kaltham International Journal of Network Management, Volume 9 Issue 3, May 1999 Evaluation and testing of internet firewalls http://www.sygate.com/

Download ppt "Electronic Commerce 2. Definition Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World."

Similar presentations

Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Computer Security: Principles and Practice Chapter 9 – Firewalls and Intrusion Prevention Systems.

Computer Security: Principles and Practice Chapter 9 – Firewalls and Intrusion Prevention Systems.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 9 – Firewalls and.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 9 – Firewalls and.
Firewalls 2014.04.07 Uyanga Tserengombo

Firewalls Uyanga Tserengombo
IUT– Network Security Course 1 Network Security Firewalls.

IUT– Network Security Course 1 Network Security Firewalls.
FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University

Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
FIREWALLS – Chapter 20 network-based threats access to outside world Functionality, Design Security – trusted system.

FIREWALLS – Chapter 20 network-based threats access to outside world Functionality, Design Security – trusted system.
Winter 20021 CMPE 155 Week 7. Winter 20022 Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.

Winter CMPE 155 Week 7. Winter Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.
Kittiphan Techakittiroj (21/05/58 10:00 น. 21/05/58 10:00 น. 21/05/58 10:00 น.) Firewall Kittiphan Techakittiroj

Kittiphan Techakittiroj (21/05/58 10:00 น. 21/05/58 10:00 น. 21/05/58 10:00 น.) Firewall Kittiphan Techakittiroj
Lecture 14 Firewalls modified from slides of Lawrie Brown.

Lecture 14 Firewalls modified from slides of Lawrie Brown.
Security Firewall Firewall design principle. Firewall Characteristics.

Security Firewall Firewall design principle. Firewall Characteristics.
—On War, Carl Von Clausewitz

—On War, Carl Von Clausewitz
Chapter 11 Firewalls.

Chapter 11 Firewalls.
Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.

Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.
Principles of Information Security, 2nd Edition1 Firewalls and VPNs.

Principles of Information Security, 2nd Edition1 Firewalls and VPNs.
5/4/01EMTM 5531 EMTM 553: E-commerce Systems Lecture 7b: Firewalls Insup Lee Department of Computer and Information Science University of Pennsylvania.

5/4/01EMTM 5531 EMTM 553: E-commerce Systems Lecture 7b: Firewalls Insup Lee Department of Computer and Information Science University of Pennsylvania.
Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey

Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey

Similar presentations

Ads by Google