1
Electronic Commerce 2
2
Definition
Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World Wide Web.
3
Security
- A key issue in Ecommerce
- Firewalls are critical in ensuring host sites are secure
- If sites are not secure, all the rest is worthless
4
Firewalls
- can be an effective means of protecting a system or network from network-based security threats while providing access to the outside world
- positioned between the system(s) and the outside world
- all external traffic must pass through it
- a single choke point where security measures can be concentrated
5
Types of Firewall
- there are hardware and software firewalls
- can be implemented on a designated gateway or dedicated machine
- there are three types:
  - packet filtering routers
  - application-level gateway
  - circuit-level gateway
6
Packet Filtering Routers
- Also known as a screen
- A router that applies a set of rules to incoming and outgoing packets:
  - based on fields in the IP and transport header
  - e.g. source, destination IP, port and IP protocol
  - where no rule exists, the default is to discard or forward
7
Application-Level Gateway
- An application-level gateway acts as a relay of application-level traffic
- also known as a proxy server
- users contact the proxy using TCP/IP based applications
- the gateway checks and forwards for supported/allowed applications or safe subsets/features thereof
- these tend to be more secure than packet filters
- need only to scrutinise a few supported applications
- disadvantage: processing overhead
8
Circuit-level Gateway
- Can be a stand-alone system or hosted
- does not permit an end-to-end TCP connection
- sets up two TCP connections, one on either side
- TCP segments are relayed without examining content
- based on the principle of allowing connections only to select/trusted hosts
- usually used for outgoing connections
- can therefore complement application-layer gateways for incoming traffic
9
Bastion Host
- Applied to a critical strong point in the network's security
- can support application or circuit layer gateways
- runs on a dedicated host with a secure operating system
- only essential services are installed (proxy applications like Telnet, DNS, FTP, SMTP and user authentication)
- allows access only to specific hosts
- detailed logs are kept
- dedicated code of small size to increase speed
- no disk access, to combat trojan horses
- runs as a non-privileged user in a private and secured directory on the bastion host
10
Firewall Configurations
In addition to simple firewalls as described, more complex configurations are common.
11
Screened host firewall, single-homed bastion
[Diagram; labels: Screen, Bastion]
12
Screened host firewall, dual-homed bastion
[Diagram; labels: Screened host, Bastion home 1, Bastion home 2]
13
Screened subnet firewall
[Diagram; label: Screened subnet]
14
Four ways to improve public confidence
- Using third party authenticated services for securing credit card transactions
- Ensuring the public:
  - can easily distinguish between well known trusted brands and traders and suspect third parties
  - are aware of actual fraud levels, including ecommerce vs conventional levels
  - are aware of likely sources of fraud, e.g. suspect sites and trojan horses
15
Old Threats in New Forms
- Conventionally, credit card details may be obtained via bills or counter foils
- telephone transactions may be with spurious agents intent on fraud
- Normal credit card fraud prevention eliminates fraud or rapidly identifies potential fraudsters and rejects transactions
16
New Threats
- Phishing
  - Setting up spurious sites to obtain personal details to allow imposters to masquerade
- Identity Theft
17
Conclusion
- Trust in Ecommerce is critically dependent on secure web services
- Firewalls are the key technology in keeping the hosts of web services secure
- There are several sorts of firewall but all operate by dividing the world into secure and insecure areas
18
Further Information
- Khalid Al-Tawil, Ibrahim A. Al-Kaltham, "Evaluation and testing of internet firewalls", International Journal of Network Management, Volume 9 Issue 3, May 1999
- http://www.sygate.com/