Soumettre la recherche
Mettre en ligne
Unit 2aa
•
Télécharger en tant que PPT, PDF
•
0 j'aime
•
1,115 vues
Sheetal Verma
Suivre
Technologie
Signaler
Partager
Signaler
Partager
1 sur 61
Télécharger maintenant
Recommandé
Usb based secure e mail
Usb based secure e mail
csandit
A novel way of integrating voice recognition and one time passwords to preven...
A novel way of integrating voice recognition and one time passwords to preven...
ijdpsjournal
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)
ijceronline
Ch12(revised 20071226)
Ch12(revised 20071226)
華穗 徐
Electronic Mail Security (University of Jeddah, Saudi Arabia)
Electronic Mail Security (University of Jeddah, Saudi Arabia)
IJCSIS Research Publications
IBPS SO
IBPS SO
Jitendra kadu
Std 12 Computer Chapter 5 Introduction to Mcommerce (Part 2)
Std 12 Computer Chapter 5 Introduction to Mcommerce (Part 2)
Nuzhat Memon
A novel hybrid approach of SVM combined with NLP and probabilistic neural ne...
A novel hybrid approach of SVM combined with NLP and probabilistic neural ne...
IJECEIAES
Recommandé
Usb based secure e mail
Usb based secure e mail
csandit
A novel way of integrating voice recognition and one time passwords to preven...
A novel way of integrating voice recognition and one time passwords to preven...
ijdpsjournal
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)
ijceronline
Ch12(revised 20071226)
Ch12(revised 20071226)
華穗 徐
Electronic Mail Security (University of Jeddah, Saudi Arabia)
Electronic Mail Security (University of Jeddah, Saudi Arabia)
IJCSIS Research Publications
IBPS SO
IBPS SO
Jitendra kadu
Std 12 Computer Chapter 5 Introduction to Mcommerce (Part 2)
Std 12 Computer Chapter 5 Introduction to Mcommerce (Part 2)
Nuzhat Memon
A novel hybrid approach of SVM combined with NLP and probabilistic neural ne...
A novel hybrid approach of SVM combined with NLP and probabilistic neural ne...
IJECEIAES
Sms base file search & automatic contact saving technique using gsm 38521
Sms base file search & automatic contact saving technique using gsm 38521
EditorIJAERD
1, prevalent network threats and telecommunication security challenges and co...
1, prevalent network threats and telecommunication security challenges and co...
Alexander Decker
A guide to email spoofing
A guide to email spoofing
MattChapman50
IT Security booklet
IT Security booklet
iteclearners
Module 10 e security-en
Module 10 e security-en
Institute of Entrepreneurship Development
Ethical Hacking
Ethical Hacking
Syed Irshad Ali
Safe Email Practices
Safe Email Practices
Jonathan Slavin
Module 5 security
Module 5 security
IT
Bloombase Spitfire Messaging Security Server Brochure
Bloombase Spitfire Messaging Security Server Brochure
Bloombase
Security in the enterprise - Why You Need It
Security in the enterprise - Why You Need It
Slick Cyber Systems
Session initiation protocol security considerations
Session initiation protocol security considerations
Sami Knuutinen
Type of Security Threats and its Prevention
Type of Security Threats and its Prevention
ijsrd.com
Secure Use of IT
Secure Use of IT
Michael Lew
Unlimited Length Random Passwords for Exponentially Increased Security
Unlimited Length Random Passwords for Exponentially Increased Security
IJCSEA Journal
IRJET- Graphical user Authentication for an Alphanumeric OTP
IRJET- Graphical user Authentication for an Alphanumeric OTP
IRJET Journal
Encrypting E-mail Messages
Encrypting E-mail Messages
D's Surti
PACE-IT, Security+1.4: Common Network Protocols (part 2)
PACE-IT, Security+1.4: Common Network Protocols (part 2)
Pace IT at Edmonds Community College
Unit 1 b
Unit 1 b
Sheetal Verma
Unit 1 a
Unit 1 a
Sheetal Verma
Unit 4
Unit 4
Sheetal Verma
Unit 3a
Unit 3a
Sheetal Verma
Unit 1c
Unit 1c
Sheetal Verma
Contenu connexe
Tendances
Sms base file search & automatic contact saving technique using gsm 38521
Sms base file search & automatic contact saving technique using gsm 38521
EditorIJAERD
1, prevalent network threats and telecommunication security challenges and co...
1, prevalent network threats and telecommunication security challenges and co...
Alexander Decker
A guide to email spoofing
A guide to email spoofing
MattChapman50
IT Security booklet
IT Security booklet
iteclearners
Module 10 e security-en
Module 10 e security-en
Institute of Entrepreneurship Development
Ethical Hacking
Ethical Hacking
Syed Irshad Ali
Safe Email Practices
Safe Email Practices
Jonathan Slavin
Module 5 security
Module 5 security
IT
Bloombase Spitfire Messaging Security Server Brochure
Bloombase Spitfire Messaging Security Server Brochure
Bloombase
Security in the enterprise - Why You Need It
Security in the enterprise - Why You Need It
Slick Cyber Systems
Session initiation protocol security considerations
Session initiation protocol security considerations
Sami Knuutinen
Type of Security Threats and its Prevention
Type of Security Threats and its Prevention
ijsrd.com
Secure Use of IT
Secure Use of IT
Michael Lew
Unlimited Length Random Passwords for Exponentially Increased Security
Unlimited Length Random Passwords for Exponentially Increased Security
IJCSEA Journal
IRJET- Graphical user Authentication for an Alphanumeric OTP
IRJET- Graphical user Authentication for an Alphanumeric OTP
IRJET Journal
Encrypting E-mail Messages
Encrypting E-mail Messages
D's Surti
PACE-IT, Security+1.4: Common Network Protocols (part 2)
PACE-IT, Security+1.4: Common Network Protocols (part 2)
Pace IT at Edmonds Community College
Tendances
(17)
Sms base file search & automatic contact saving technique using gsm 38521
Sms base file search & automatic contact saving technique using gsm 38521
1, prevalent network threats and telecommunication security challenges and co...
1, prevalent network threats and telecommunication security challenges and co...
A guide to email spoofing
A guide to email spoofing
IT Security booklet
IT Security booklet
Module 10 e security-en
Module 10 e security-en
Ethical Hacking
Ethical Hacking
Safe Email Practices
Safe Email Practices
Module 5 security
Module 5 security
Bloombase Spitfire Messaging Security Server Brochure
Bloombase Spitfire Messaging Security Server Brochure
Security in the enterprise - Why You Need It
Security in the enterprise - Why You Need It
Session initiation protocol security considerations
Session initiation protocol security considerations
Type of Security Threats and its Prevention
Type of Security Threats and its Prevention
Secure Use of IT
Secure Use of IT
Unlimited Length Random Passwords for Exponentially Increased Security
Unlimited Length Random Passwords for Exponentially Increased Security
IRJET- Graphical user Authentication for an Alphanumeric OTP
IRJET- Graphical user Authentication for an Alphanumeric OTP
Encrypting E-mail Messages
Encrypting E-mail Messages
PACE-IT, Security+1.4: Common Network Protocols (part 2)
PACE-IT, Security+1.4: Common Network Protocols (part 2)
En vedette
Unit 1 b
Unit 1 b
Sheetal Verma
Unit 1 a
Unit 1 a
Sheetal Verma
Unit 4
Unit 4
Sheetal Verma
Unit 3a
Unit 3a
Sheetal Verma
Unit 1c
Unit 1c
Sheetal Verma
Legal social ethical
Legal social ethical
Sheetal Verma
Digital certificates
Digital certificates
Sheetal Verma
Intrusion detection system ppt
Intrusion detection system ppt
Sheetal Verma
Effective googloing
Effective googloing
Akhil Kaushik
E commerce unit 1
E commerce unit 1
Akhil Kaushik
Digital signature
Digital signature
AJAL A J
TAM-2012-11 PUMS Pandiapuram
TAM-2012-11 PUMS Pandiapuram
designforchangechallenge
PATHS Functional specification first prototype
PATHS Functional specification first prototype
pathsproject
IND-2012-300 Mother's Pet Kindergarten Nagpur - A U trurn for traffic Rules
IND-2012-300 Mother's Pet Kindergarten Nagpur - A U trurn for traffic Rules
designforchangechallenge
Ana clara
Ana clara
michelle martins
The importance of Exchange 2013 CAS in Exchange 2013 coexistence | Part 2/2 |...
The importance of Exchange 2013 CAS in Exchange 2013 coexistence | Part 2/2 |...
Eyal Doron
Bottling sunshine
Bottling sunshine
designforchangechallenge
Plivo OSDC FR 2012
Plivo OSDC FR 2012
mricordeau
IND-2012-254 Vivekanand M S, Mathalamparai -Don’t waste drinking water
IND-2012-254 Vivekanand M S, Mathalamparai -Don’t waste drinking water
designforchangechallenge
Mail migration to office 365 mail migration methods - part 1#4
Mail migration to office 365 mail migration methods - part 1#4
Eyal Doron
En vedette
(20)
Unit 1 b
Unit 1 b
Unit 1 a
Unit 1 a
Unit 4
Unit 4
Unit 3a
Unit 3a
Unit 1c
Unit 1c
Legal social ethical
Legal social ethical
Digital certificates
Digital certificates
Intrusion detection system ppt
Intrusion detection system ppt
Effective googloing
Effective googloing
E commerce unit 1
E commerce unit 1
Digital signature
Digital signature
TAM-2012-11 PUMS Pandiapuram
TAM-2012-11 PUMS Pandiapuram
PATHS Functional specification first prototype
PATHS Functional specification first prototype
IND-2012-300 Mother's Pet Kindergarten Nagpur - A U trurn for traffic Rules
IND-2012-300 Mother's Pet Kindergarten Nagpur - A U trurn for traffic Rules
Ana clara
Ana clara
The importance of Exchange 2013 CAS in Exchange 2013 coexistence | Part 2/2 |...
The importance of Exchange 2013 CAS in Exchange 2013 coexistence | Part 2/2 |...
Bottling sunshine
Bottling sunshine
Plivo OSDC FR 2012
Plivo OSDC FR 2012
IND-2012-254 Vivekanand M S, Mathalamparai -Don’t waste drinking water
IND-2012-254 Vivekanand M S, Mathalamparai -Don’t waste drinking water
Mail migration to office 365 mail migration methods - part 1#4
Mail migration to office 365 mail migration methods - part 1#4
Similaire à Unit 2aa
laudon-traver_ec10_ppt_ch05.ppt
laudon-traver_ec10_ppt_ch05.ppt
MohammedAliShakil
laudon-traver_ec10_ppt_ch05.ppt
laudon-traver_ec10_ppt_ch05.ppt
PriyalPatel158383
Chapter 2 System Security.pptx
Chapter 2 System Security.pptx
RushikeshChikane2
E-commerce security.ppt
E-commerce security.ppt
Susan130641
E comm jatin
E comm jatin
Jatin Mandhyan
UNIT-3.docx
UNIT-3.docx
CSEA18Arun537
Security in E-commerce
Security in E-commerce
m8817
Cyber Privacy & Password Protection
Cyber Privacy & Password Protection
Nikhil D
Security in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and Cloud
ITDogadjaji.com
Chapter three e-security
Chapter three e-security
Marya Sholevar
Security for e commerce
Security for e commerce
Mohsin Ahmad
Cisco cybersecurity essentials chapter 3
Cisco cybersecurity essentials chapter 3
Mukesh Chinta
Usb based secure e mail
Usb based secure e mail
csandit
USB BASED SECURE E-MAIL
USB BASED SECURE E-MAIL
cscpconf
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
OKsystem
ITE v5.0 - Chapter 10
ITE v5.0 - Chapter 10
Irsandi Hasan
Internet Security
Internet Security
JainamParikh3
Technical seminar on Security
Technical seminar on Security
STS
compTIA guide to get the CERTIFICATION EMERSON EDUARDO RODRIGUES
compTIA guide to get the CERTIFICATION EMERSON EDUARDO RODRIGUES
EMERSON EDUARDO RODRIGUES
Slideshare is
Slideshare is
Ashu Pandita Kaul
Similaire à Unit 2aa
(20)
laudon-traver_ec10_ppt_ch05.ppt
laudon-traver_ec10_ppt_ch05.ppt
laudon-traver_ec10_ppt_ch05.ppt
laudon-traver_ec10_ppt_ch05.ppt
Chapter 2 System Security.pptx
Chapter 2 System Security.pptx
E-commerce security.ppt
E-commerce security.ppt
E comm jatin
E comm jatin
UNIT-3.docx
UNIT-3.docx
Security in E-commerce
Security in E-commerce
Cyber Privacy & Password Protection
Cyber Privacy & Password Protection
Security in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and Cloud
Chapter three e-security
Chapter three e-security
Security for e commerce
Security for e commerce
Cisco cybersecurity essentials chapter 3
Cisco cybersecurity essentials chapter 3
Usb based secure e mail
Usb based secure e mail
USB BASED SECURE E-MAIL
USB BASED SECURE E-MAIL
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
ITE v5.0 - Chapter 10
ITE v5.0 - Chapter 10
Internet Security
Internet Security
Technical seminar on Security
Technical seminar on Security
compTIA guide to get the CERTIFICATION EMERSON EDUARDO RODRIGUES
compTIA guide to get the CERTIFICATION EMERSON EDUARDO RODRIGUES
Slideshare is
Slideshare is
Dernier
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
panagenda
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
Hiroshi SHIBATA
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
Pixlogix Infotech
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
BookNet Canada
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
Alan Dix
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
Knoldus Inc.
How to write a Business Continuity Plan
How to write a Business Continuity Plan
Databarracks
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Scott Andery
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
Neo4j
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
BookNet Canada
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
LoriGlavin3
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
ThousandEyes
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Alkin Tezuysal
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
Wes McKinney
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
Inflectra
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
Sergiu Bodiu
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Lonnie McRorey
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
IES VE
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
ThousandEyes
Dernier
(20)
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
How to write a Business Continuity Plan
How to write a Business Continuity Plan
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
Unit 2aa
1.
Copyright © 2010 Pearson
Education, Inc.Copyright © 2009 Pearson Education, Inc. Slide 5-1 Unit 2 Security Issues in E- Business
2.
Copyright © 2010 Pearson
Education, Inc. Types of Attacks Against Computer Systems (Cybercrime) Slide 5-2 Figure 5.1, Page 267 Source: Based on data from Computer Security Institute, 2009.
3.
Copyright © 2010 Pearson
Education, Inc. What Is Good E-commerce Security? To achieve highest degree of security New technologies Organizational policies and procedures Industry standards and government laws
4.
Copyright © 2010 Pearson
Education, Inc. The E-commerce Security Environment Figure 5.2, Page 270 Slide 5-4
5.
Copyright © 2010 Pearson
Education, Inc. Dimension of E-Commerce Security 1.Integrity- the ability to ensure that information being displayed on a web site or transmitted or received over the internet has not been altered in any way by an unauthorized party. 2.Non-repudiation – the ability to ensure that e-commerce participants do not deny their online actions.
6.
Copyright © 2010 Pearson
Education, Inc. 3. Authenticity- the ability to identify the identity of a person or entity with whom you are dealing on the internet. 4. Confidentiality – the ability to ensure that messages and data are available only to those who are authorized to view them.
7.
Copyright © 2010 Pearson
Education, Inc. 5. Privacy- the ability to control the use of information about oneself. 6. Availability – the ability to ensure that an e- commerce site continues to function as intended.
8.
Copyright © 2010 Pearson
Education, Inc. Table 5.2, Page 271 Slide 5-8
9.
Copyright © 2010 Pearson
Education, Inc. The Tension Between Security and Other Values Security vs. ease of use The more security measures added, the more difficult a site is to use, and the slower it becomes Security vs. desire of individuals to act anonymously Use of technology by criminals to plan crimes or threaten nation-state Slide 5-9
10.
Copyright © 2010 Pearson
Education, Inc. Security Threats in the E-commerce Environment Three key points of vulnerability: 1. Client 2. Server 3. Communications pipeline Slide 5-10
11.
Copyright © 2010 Pearson
Education, Inc. Most Common Security Threats in the E-commerce Environment Malicious code Viruses (replicate, make copies of itself) Worms (spread from computer to computer) Trojan horses (appears to be benign, but then does something other than expected) Bots (respond to external command sent by the attacker) Botnets (collection of bot computers) Slide 5-11
12.
Copyright © 2010 Pearson
Education, Inc. Unwanted programs Browser parasites (a browser that can monitor and change the settings of a user’s browser) Spyware ( a program used to obtain information such as user emails, IM and so on.) Phishing Deceptive online attempt by a third party to obtain confidential information for Financial gain Use information to commit fraudulent acts (access checking accounts), steal identity Slide 5-12
13.
Copyright © 2010 Pearson
Education, Inc. Hacking and cybervandalism Hackers (individual who intends to gain unauthorized access to a computer system) Crackers (term used to denote hacker with criminal intent) Cybervandalism: intentionally disrupting, defacing, destroying a Web site Types of hackers: white hats (good hackers), black hats (intention of causing harm), grey hats (discover the weakness and publish it)
14.
Copyright © 2010 Pearson
Education, Inc. Credit card fraud/theft Fear of stolen credit card information deters online purchases Online companies at higher risk than offline Spoofing: misrepresenting self by using fake e-mail address Pharming: spoofing a Web site Redirecting a Web link to a new, fake Web site Spam/junk Web sites Slide 5-14
15.
Copyright © 2010 Pearson
Education, Inc. Denial of service (DoS) attack Hackers flood site with useless traffic to overwhelm network Distributed denial of service (DDoS) attack Hackers use multiple computers to attack target network Sniffing- Eavesdropping program that monitors information traveling over a network Insider jobs - Single largest financial threat Poorly designed server and client software
16.
Copyright © 2010 Pearson
Education, Inc. Technology Solutions Protecting Internet communications (encryption) Securing channels of communication (SSL, S- HTTP, VPNs) Protecting networks (firewalls) Protecting servers and clients Slide 5-16
17.
Copyright © 2010 Pearson
Education, Inc. Tools Available to Achieve Site Security Figure 5.7, Page 287 Slide 5-17
18.
Copyright © 2010 Pearson
Education, Inc. Encryption is the coding of information by using a mathematically based program and a secret key to produce a string of characters that is unintelligible. Science that studies encryption is called cryptography (secret writing). Science of creating messages that only the sender and receiver can read.
19.
Copyright © 2010 Pearson
Education, Inc. Encryption Transforms data (plain text) into cipher text readable only by sender and receiver Secures stored information and information transmission Provides 4 of 6 key dimensions of e- commerce security: 1. Message integrity (unaltered) 2. Nonrepudiation (can’t deny the action) 3. Authentication (verify identity) 4. Confidentiality (message not read by others) Slide 5-19
20.
Copyright © 2010 Pearson
Education, Inc. Plaintext- An unencrypted message in human- readable form Ciphertext- A plaintext message after it has been encrypted into a machine-readable form Substitution Cipher - Cipher is letter plus two So Hello will replace by letter two places forward Transposition Cipher – Change in order in a symmetric way eg. Hello- reverse it Olleh.
21.
Copyright © 2010 Pearson
Education, Inc. Symmetric Key Encryption (Secret/private Key Encryp.) Sender and receiver use same digital key to encrypt and decrypt message Requires different set of keys for each transaction -Data Encryption Standard (DES) developed by National Security Agency (NSA) and IBM in 1950s.Uses 56- bit encryption key. U.S. Gov. uses 3DES Advanced Encryption Standard (AES) -Most widely used symmetric key encryption Uses 128-, 192-, and 256-bit encryption keys -Other standards use keys with up to 2,048 bits
22.
Copyright © 2010 Pearson
Education, Inc. Public Key Encryption (Asymmetric encryption) Uses two mathematically related digital keys 1. Public key (widely disseminated) 2. Private key (kept secret by owner) Both keys used to encrypt and decrypt message Once key used to encrypt message, same key cannot be used to decrypt message Sender uses recipient’s public key to encrypt message; recipient uses his/her private key to decrypt it
23.
Copyright © 2010 Pearson
Education, Inc. Public Key Cryptography—A Simple Case Figure 5.8, Page 290 Slide 5-23
24.
Copyright © 2010 Pearson
Education, Inc. Public Key Encryption Using Digital Signatures and Hash Digests Hash function: Mathematical algorithm that produces fixed- length number called message or hash digest Hash digest of message sent to recipient along with message to verify integrity Property of hash function –any change in the original message will cause the message digest to be different Slide 5-24
25.
Copyright © 2010 Pearson
Education, Inc. Digital Signature (e- signature) - To verify authenticity of message and message integrity. - signed Cipher text that can be sent over the internet - With hash document, it is unique for the document, and changes for every document.
26.
Copyright © 2010 Pearson
Education, Inc. Public Key Cryptography with Digital Signatures Figure 5.9, Page 291 Slide 5-26
27.
Copyright © 2010 Pearson
Education, Inc. Public Key Encryption Using Digital Signatures and Hash Digests 1.The sender creates an original message 2.The sender applies a hash function, producing a 128- bit hash result. 3.The sender encrypts the message and hash result using recipient’s public key. 4.The sender encrypts the result ,again his or her private key. 5.The result of this double encryption is sent over the internet. 6.The receiver uses the sender’s public key to authenticate the message. 7.The receiver uses his /her private key to decrypt the hash function and the original message. The receiver checks to ensure the original message and the hash function results conform to one another.
28.
Copyright © 2010 Pearson
Education, Inc. Digital Envelopes (key within a key) Addresses weaknesses of: - Public key encryption: Computationally slow, decreased transmission speed, increased processing time - Symmetric key encryption: Insecure transmission lines Uses symmetric key encryption to encrypt document Uses public key encryption to encrypt and send symmetric key Slide 5-28
29.
Copyright © 2010 Pearson
Education, Inc. Creating a Digital Envelope Figure 5.10, Page 293 Slide 5-29
30.
Copyright © 2010 Pearson
Education, Inc. What are Digital Certificates? A digital certificate (DC) is a digital file that certifies the identity of an individual or institution, or even a router seeking access to computer- based information. It is issued by a Certification Authority (CA), and serves the same purpose as a driver’s license or a passport.
31.
Copyright © 2010 Pearson
Education, Inc. Digital Certificates Digital certificate is a digital document issued by a certification authority. It includes: Name of subject/company Subject’s public key Digital certificate serial number Expiration date, issuance date Digital signature of certification authority (trusted third party institution) that issues certificate Other identifying information Certification authority (CA): A trusted third party that issues digital certificates Slide 5-31
32.
Copyright © 2010 Pearson
Education, Inc. What are Certification Authorities? Certification Authorities are the digital world’s equivalent to passport offices. They issue digital certificates and validate holders’ identity and authority. They embed an individual or institution’s public key along with other identifying information into each digital certificate and then cryptographically sign it as a tamper-proof seal verifying the integrity of the data within it, and validating its use.
33.
Copyright © 2010 Pearson
Education, Inc. Public Key Infrastructure (PKI) It is a comprehensive system which is required to provide public key encryption and digital signature services. PKI is the combination of software, encryption technologies and services that enables enterprises to protect the security of their communications and business transaction on networks. It integrates CAs, digital certificate, public key cryptography into total, enterprise wide security architecture. The purpose of PKI is to manage keys and certificates.
34.
Copyright © 2010 Pearson
Education, Inc. PKI involves the following a) Subscriber- individual or entity identified by the certificate b) Certifying authority- issuer of the certificate c) Relying party- company, agency, or individual relying on the certificate. Role of CA 1)To issue digital certificate to the subscriber 2) Identify and authenticate the subscriber’s information contained in the certificate for the benefit of the relying party.
35.
Copyright © 2010 Pearson
Education, Inc. A PKI infrastructure is expected to offer its users the following benefits: certainty of the quality of information sent and received electronically certainty of the source and destination of that information assurance of the time and timing of that information (providing the source of time is known) certainty of the privacy of that information assurance that the information may be introduced as evidence in a court or law
36.
Copyright © 2010 Pearson
Education, Inc. Who Provides the Infrastructure- Among PKI leaders are: RSA, which has developed the main algorithms used by PKI vendors Verisign, which acts as a certificate authority and sells software that allows a company to create its own certificate authorities GTE CyberTrust, which provides a PKI implementation methodology and consultation service that it plans to vend to other companies for a fixed price Xcert, whose Web Sentry product that checks the revocation status of certificates on a server, using the Online Certificate Status Protocol (OCSP) Netscape, whose Directory Server product is said to support 50 million objects and process 5,000 queries a second; Secure E-Commerce, which allows a company orextranet manager to manage digital certificates; and Meta- Directory, which can connect all corporate directories into a single directory for security management
37.
Copyright © 2010 Pearson
Education, Inc. Some Indian Websites that uses digital signature - Rediff, Sify-mall, Bazee,All major airlines ,ICICI,HDFC Some Certifying Authorities in India - Safe Scrypt(A sify- verisign venture) was the first CA in India - National Informatics Centre - Tata Consultancy Services
38.
Copyright © 2010 Pearson
Education, Inc. Digital Certificates and Certification Authorities Figure 5.11, Page 294 Slide 5-38
39.
Copyright © 2010 Pearson
Education, Inc. Limits to Encryption Solutions Doesn’t protect storage of private key PKI not effective against insiders, employees Protection of private keys by individuals may be haphazard No guarantee that verifying computer of merchant is secure CAs are unregulated, self-selecting organizations Slide 5-39
40.
Copyright © 2010 Pearson
Education, Inc. Securing Channels of Communication Secure Sockets Layer (SSL developed by netscape communication): Establishes a secure, negotiated client-server session in which URL of requested document, along with contents, is encrypted (secure comm. b/w two computers) It is a protocol that operates between the transport and application layers of TCP/IP and secures communications between the clients and server (by using encryption, digital signature technique). A session key is a unique symmetric encryption key chosen just for single secure session. Slide 5-40
41.
Copyright © 2010 Pearson
Education, Inc. Secure Negotiated Sessions Using SSL Figure 5.12, Page 298 Slide 5-41
42.
Copyright © 2010 Pearson
Education, Inc. S-HTTP (developed by commercenet): Provides a secure message-oriented communications protocol designed for use in conjunction with HTTP (secure individual message) It includes encrypting web communications carried over HTTP. SSL is designed to establish a secure connection between two computers whereas S- HTTP is designed to send individual messages securely.
43.
Copyright © 2010 Pearson
Education, Inc. Firewalls Firewall a technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts. Hardware or software that filters packets Prevents some packets from entering the network based on security policy Network inside the firewall is called trusted, and outside the firewall is called untrusted Slide 5-43
44.
Copyright © 2010 Pearson
Education, Inc. Three main methods: 1.Packet filters (examine all data flowing back and forth b/w the trusted n/w (within the firewall) and the Internet. 2.Application gateways (firewalls that filter traffic based on the application requested. Eg. permits incoming FTP request and blocks outgoing FTP request) 3.Proxy Server (firewall that communicate with the internet on the private network’s behalf, it is a Software servers that handle all communications originating from or being sent to the Internet).
45.
Copyright © 2010 Pearson
Education, Inc. Firewalls and Proxy Servers Figure 5.13, Page 301 Slide 5-45
46.
Copyright © 2010 Pearson
Education, Inc. Personal Firewalls A personal firewall is an application which controls network traffic to and from a computer, permitting or denying communications based on a security policy. Typically it works as an application layer firewall. A personal firewall will usually protect only the computer on which it is installed, as compared to a conventional firewall which is normally installed on a designated interface between two or more networks, such as a router or proxy server. Hence, personal firewalls allow a security policy to be defined for individual computers, whereas a conventional firewall controls the policy between the networks that it connects. Personal firewalls may also provide some level of intrusion detection, allowing the software to terminate or block connectivity where it suspects an intrusion is being attempted.
47.
Copyright © 2010 Pearson
Education, Inc. Features of personal firewalls -Protects the user from unwanted incoming connection attempts Allows the user to control which programs can and cannot access the local network and/or Internet and provide the user with information about an application that makes a connection attempt Block or alert the user about outgoing connection attempts Hide the computer from port scans by not responding to unsolicited network traffic Monitor applications that are listening for incoming connections Monitor and regulate all incoming and outgoing Internet users Prevent unwanted network traffic from locally installed applications Provide information about the destination server with which an application is attempting to communicate
48.
Copyright © 2010 Pearson
Education, Inc. Virtual Private Network (VPN) Allows remote users to securely access internal network via the Internet, using Point-to-Point Tunneling Protocol (PPTP) It enables a host computer to send and receive data across shared or public networks as if it were a private network with all the functionality, security and management policies of the private network.[1]This is done by establishing a virtual point-to- point connection through the use of dedicated connections, encryption, or a combination of the two.
49.
Copyright © 2010 Pearson
Education, Inc. - The VPN connection across the Internet is technically a wide area network (WAN) link between the sites but appears to the user as a private network link—hence the name "virtual private network". - Point-to-Point Tunneling Protocol (PPTP) is an encoding mechanism that allows one local network to connect to another using the internet as the conduit. - - VPN is a temporary secure line and it reduces the cost of secure connection.
50.
Copyright © 2010 Pearson
Education, Inc. Four Protocols used in VPN - PPTP -- Point-to-Point Tunneling Protocol - L2TP -- Layer 2 Tunneling Protocol - IPsec -- Internet Protocol Security - SOCKS – is not used as much as the ones above Tunneling- A virtual point-to-point connection made through a public network. The process of connecting one protocol (PPTP) through another (IP) is called tunneling.
51.
Copyright © 2010 Pearson
Education, Inc.
52.
Copyright © 2010 Pearson
Education, Inc.
53.
Copyright © 2010 Pearson
Education, Inc. A VPN works by using the shared public infrastructure while maintaining privacy through security procedures and tunneling protocols such as the Layer Two Tunneling Protocol (L2TP). In effect, the protocols, by encrypting data at the sending end and decrypting it at the receiving end, send the data through a "tunnel" that cannot be "entered" by data that is not properly encrypted. An additional level of security involves encrypting not only the data, but also the originating and receiving network addresses.
54.
Copyright © 2010 Pearson
Education, Inc. Eliminating the need for expensive long-distance leased lines Reducing the long-distance telephone charges for remote access. Transferring the support burden to the service providers Operational costs Advantages: Scalability Flexibility of growth Efficiency with broadband technology Advantages: Cost Savings
55.
Copyright © 2010 Pearson
Education, Inc. - VPNs require an in-depth understanding of public network security issues and proper deployment of precautions - Availability and performance depends on factors largely outside of their control - Immature standards - VPNs need to accommodate protocols other than IP and existing internal network technology Disadvantages
56.
Copyright © 2010 Pearson
Education, Inc. Definitions - Intrusion Detection Systems Intrusion A set of actions aimed to compromise the security goals, namely Integrity, confidentiality, or availability, of a computing and networking resource Intrusion detection The process of identifying and responding to intrusion activities Intrusion prevention Extension of ID with exercises of access control to protect computers from exploitation
57.
Copyright © 2010 Pearson
Education, Inc. Intrusion Detection Systems An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station.
58.
Copyright © 2010 Pearson
Education, Inc.
59.
Copyright © 2010 Pearson
Education, Inc. Intrusion detection and prevention systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, and reporting attempts. In addition, organizations use IDPSes for other purposes, such as identifying problems with security policies, documenting existing threats and deterring individuals from violating security policies. Types of IDS
60.
Copyright © 2010 Pearson
Education, Inc. Network intrusion detection system (NIDS) is an independent platform that identifies intrusions by examining network traffic and monitors multiple hosts. Network intrusion detection systems gain access to network traffic by connecting to a network hub, network switch Host-based intrusion detection system (HIDS) It consists of an agent on a host that identifies intrusions by analyzing system calls, application logs, file-system modifications and other host activities and state. Stack-based intrusion detection system (SIDS) in this,the packets are examined as they go through the TCP/IP stack and, therefore, it is not necessary for them to work with the network interface in promiscuous mode.
61.
Copyright © 2010 Pearson
Education, Inc. Link for Digital signature explanation. http://www.developer.com/java/ent/arti cle.php/3092771/How-Digital- Signatures-Work-Digitally-Signing- Messages.htm
Télécharger maintenant