219322 Electronic Commerce Engineering
Lecture 5
Laudon & Traver: Chapter 5 Security and Encryption
Papazoglou & Ribbers: Chapter 13 Reliability and Quality of Service for e-Business
Copyright © 2007 Pearson Education, Inc. Slide 4-2
The E-commerce Security Environment: The Scope of the Problem
Overall size of cybercrime unclear; amount of losses significant but stable; individuals face new risks of fraud that may involve substantial uninsured losses
Symantec: Over 50 overall attacks a day against business firms between July 2004–June 2005
2005 Computer Security Institute survey:
56% of respondents had detected breaches of computer security within last 12 months and 91% of these suffered financial loss as a result
Over 35% experienced denial of service attacks
Over 75% detected virus attacks
The E-commerce Security Environment
Figure 5.4, Page 253
Dimensions of E-commerce Security
Integrity: ability to ensure that information being displayed on a Web site or transmitted/received over the Internet has not been altered in any way by an unauthorized party
Nonrepudiation: ability to ensure that e-commerce participants do not deny (repudiate) online actions
Authenticity: ability to identify the identity of a person or entity with whom you are dealing on the Internet
Confidentiality: ability to ensure that messages and data are available only to those authorized to view them
Privacy: ability to control use of information a customer provides about himself or herself to merchant
Availability: ability to ensure that an e-commerce site continues to function as intended
Customer and Merchant Perspectives on the Different Dimensions of E-commerce Security
Table 5.1, Page 254
The Tension Between Security and Other Values
Security vs. ease of use: the more security measures that are added, the more difficult a site is to use, and the slower it becomes
Too much security can harm profitability, while not enough security can put you out of business
Tension between the desire of individuals to act anonymously (to hide their identity) and the needs to maintain public safety that can be threatened by criminals or terrorists.
The Internet is both anonymous and pervasive, an ideal communication tool for criminal and terrorist groups (Coll and Glasser, 2005).
Security Threats in the E-commerce Environment
Three key points of vulnerability:
Client
Server
Communications channel
A Typical E-commerce Transaction
Figure 5.5, Page 257
SOURCE: Boncella, 2000.
Vulnerable Points in an E-commerce Environment
Figure 5.6, Page 258
SOURCE: Boncella, 2000.
Security Threats in the E-commerce Environment (cont’d)
Most common threats:
Malicious code
Phishing
Hacking and cybervandalism
Credit card fraud/theft
Spoofing (pharming)
Denial of service attacks
Sniffing
Insider jobs
Poorly designed server and client software
Malicious Code (“malware”)
Try to impair computers, steal email addresses, logon credentials, personal data, and financial info.
Viruses: computer program that has ability to replicate and spread to other files; most also deliver a “payload” of some sort (may be destructive or benign); include macro viruses, file-infecting viruses, and script viruses
Worms: designed to spread from computer to computer; can replicate without being executed by a user or program like virus
Trojan horse: appears to be benign, but then does something other than expected
Bots: can be covertly installed on computer; responds to external commands sent by the attacker to create a network of compromised computers for sending spam, generating a dDoS attack, and stealing info from computers
Phishing
Any deceptive, online attempt by a third party to obtain confidential information for financial gain
Most popular type: e-mail scam letter, e.g., Nigerian’s rich former oil minister seeking a bank account to deposit millions of dollars, fake “account verification” emails from eBay or CitiBank asking to give up personal account info, bank account no., and credit card no.
One of fastest growing forms of e-commerce crime
97,592 unique new phishing emails sent within the first 6 months of 2005, >40% increase compared to 2nd half of 2004.
Hacking and Cybervandalism
Hacker: Individual who intends to gain unauthorized access to computer systems
Cracker: Used to denote hacker with criminal intent (two terms often used interchangeably)
Cybervandalism: Intentionally disrupting, defacing or destroying a Web site
Types of hackers include:
White hats – hired by corporate to find weaknesses in the firm’s computer system
Black hats – hackers with intention of causing harm
Grey hats – hackers breaking in and revealing system flaws without disrupting site or attempting to profit from their finds.
Credit Card Fraud
Fear that credit card information will be stolen deters online purchases
Overall rate of credit card fraud is lower than users think, 1.6-1.8% of all online card transactions (CyberSource Corporation, 2006).
US’s federal law limits liability of individuals to $50 for a stolen credit card.
Hackers target credit card files and other customer information files on merchant servers; use stolen data to establish credit under false identity
One solution: New identity verification mechanisms
Spoofing (Pharming)
Misrepresenting oneself by using fake e-mail addresses or masquerading as someone else
Spoofing a Web site is called “pharming,” which involves redirecting a Web link to another IP address different from the real one
Pharming is carried out by hacking local DNS servers.
Threatens integrity of site by stealing business from the true site, or altering orders and sending them to the true site for processing and delivery.
Threatens authenticity by making it hard to discern the true sender of a message.
Insight on Society: “Evil Twins” and “Pharming”: Keeping Up with the Hackers?
Class Discussion
What are “evil twins” and “pharming”?
What is meant by “social engineering techniques?”
What is the security weakness in the domain name system that permits pharming?
What steps can users take to verify they are communicating with authentic sites and networks?
DoS and dDoS Attacks
Denial of service (DoS) attack: Hackers flood Web site with useless traffic to inundate and overwhelm network
Use of bot networks built from hundreds of compromised workstations.
No. of DoS attacks per day grew from 119 during last 6 months of 2004 to 927 during first 6 months of 2005, a 679% increase (Symantec 2005).
Distributed denial of service (dDoS) attack: hackers use numerous computers to attack target network from numerous launch points
Microsoft and Yahoo have experienced such attacks.
Denial of Service: Ping Flooding
Attacker sends a flood of pings to the intended victim
The ping packets will saturate the victim’s bandwidth
Diagram: attacking system(s) send the ping flood across the Internet to the victim system
SOURCE: PETER SHIPLEY
Denial of Service: SMURF ATTACK
Uses a ping packet with two extra twists:
Attacker chooses an unwitting victim
Spoofs the source address
Sends request to network in broadcast mode
ICMP = Internet Control Message Protocol
Diagram: the perpetrator sends 1 ICMP echo (spoofed source address of victim) to the IP broadcast address of innocent reflector sites across the Internet; the reflectors return 10,000 ICMP echo replies (labelled “10,000 SYN/ACKs” in the figure) to the victim -- VICTIM IS DEAD.
BANDWIDTH MULTIPLICATION: A T1 (1.54 Mbps) can easily yield 100 Mbps of attack
SOURCE: CISCO
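The two diagrams above describe ping flooding and the smurf amplification pattern from the attacker's side; the defender's side is detecting them in traffic and closing the amplification path (dropping ICMP echo requests addressed to a directed-broadcast address at the border). The following Python is an added example written for this page, not code from the slides, Cisco or Peter Shipley. It runs three checks over a constructed list of packet summaries (times, addresses from the RFC 5737 documentation ranges and ICMP types are all invented): echo requests aimed at a local broadcast address, a per-source echo-request rate above a threshold inside a sliding window, and hosts that receive echo replies from many distinct sources while having sent almost no requests, which is what a spoofed smurf victim sees. Thresholds are assumptions to be tuned per network.

```python
import ipaddress
from collections import Counter, defaultdict

ECHO_REQUEST, ECHO_REPLY = 8, 0
LOCAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]   # constructed: "our" network


def build_sample_packets():
    """Constructed packet summaries (time_s, src, dst, icmp_type); not a real
    capture. All addresses come from the RFC 5737 documentation ranges."""
    pkts = []
    for i in range(3):                                  # normal: one ping per second
        pkts.append((float(i), "192.0.2.20", "203.0.113.1", ECHO_REQUEST))
        pkts.append((i + 0.02, "203.0.113.1", "192.0.2.20", ECHO_REPLY))
    for i in range(200):                                # ping flood: 200 requests in 1 s
        pkts.append((5.0 + i * 0.005, "203.0.113.77", "192.0.2.10", ECHO_REQUEST))
    # smurf: one echo request carrying the victim's (spoofed) source address aimed
    # at our directed-broadcast address, answered by 50 of our hosts
    pkts.append((9.0, "198.51.100.7", "192.0.2.255", ECHO_REQUEST))
    for host in range(1, 51):
        pkts.append((9.001, f"192.0.2.{host}", "198.51.100.7", ECHO_REPLY))
    return pkts


def directed_broadcast_echoes(packets, local_nets=LOCAL_NETS):
    """Echo requests sent to a local broadcast address: the smurf amplification
    vector. A border router should drop these ("no directed broadcast")."""
    broadcast = {str(net.broadcast_address) for net in local_nets}
    return [p for p in packets if p[3] == ECHO_REQUEST and p[2] in broadcast]


def ping_flood_sources(packets, window_s=1.0, threshold=100):
    """(src, dst) pairs whose echo-request count inside any window of
    window_s seconds reaches threshold; value is the peak count seen."""
    by_pair = defaultdict(list)
    for t, src, dst, icmp_type in packets:
        if icmp_type == ECHO_REQUEST:
            by_pair[(src, dst)].append(t)
    flagged = {}
    for pair, times in by_pair.items():
        times.sort()
        start = 0
        for end, t_end in enumerate(times):          # sliding window over sorted times
            while t_end - times[start] > window_s:
                start += 1
            count = end - start + 1
            if count >= threshold:
                flagged[pair] = max(count, flagged.get(pair, 0))
    return flagged


def reflection_victims(packets, min_sources=10, min_ratio=10.0):
    """Hosts receiving echo replies from many distinct sources while originating
    far fewer requests: the signature of a spoofed-source reflection victim.
    Returns {host: (distinct reply sources, replies-to-requests ratio)}."""
    reply_sources = defaultdict(set)
    requests_sent = Counter()
    for _, src, dst, icmp_type in packets:
        if icmp_type == ECHO_REPLY:
            reply_sources[dst].add(src)
        elif icmp_type == ECHO_REQUEST:
            requests_sent[src] += 1
    victims = {}
    for host, sources in reply_sources.items():
        ratio = len(sources) / max(requests_sent[host], 1)
        if len(sources) >= min_sources and ratio >= min_ratio:
            victims[host] = (len(sources), ratio)
    return victims


if __name__ == "__main__":
    pkts = build_sample_packets()
    print("directed-broadcast echo requests:", directed_broadcast_echoes(pkts))
    print("ping flood sources:", ping_flood_sources(pkts))
    print("reflection victims:", reflection_victims(pkts))
```

The three checks map onto the three roles in the smurf diagram: the broadcast check is what the reflector network's border should enforce, the rate check is what the flood target sees, and the ratio check is what the spoofed victim sees. Only the first is a hard rule; the other two need thresholds chosen against the network's normal ICMP volume.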
DDoS Attack Illustrated
1. Hacker scans the Internet for unsecured systems that can be compromised (scanning program, unsecured computers).
2. Hacker secretly installs zombie agent programs, turning unsecured computers into zombies.
3. Hacker selects a Master Server to send commands to the zombies.
4. Using client program, hacker sends commands to Master Server to launch zombie attack against a targeted system.
5. Master Server sends signal to zombies to launch attack on targeted system.
6. Targeted system is overwhelmed by bogus requests that shut it down for legitimate users (User: Request Denied).
Other Security Threats
Sniffing: Type of eavesdropping program that monitors information traveling over a network; enables hackers to steal proprietary information from anywhere on a network
Insider jobs: Single largest financial threat
23% of business firms experienced an “inside security breach” in their systems in 2004 (Computer Security Institute, 2005; Yuan, 2005).
Poorly designed server and client software: Increase in complexity of software programs (e.g., MS’s Win32 API) has contributed to an increase in vulnerabilities that hackers can exploit
Technology Solutions
Protecting Internet communications (encryption)
Securing channels of communication (SSL, S-HTTP, VPNs)
Protecting networks (firewalls)
Protecting servers and clients
Tools Available to Achieve Site Security
Figure 5.7, Page 269
Protecting Internet Communications: Encryption
Encryption: The process of transforming plain text or data into cipher text that cannot be read by anyone other than the sender and receiver
Purpose: Secure stored information and information transmission
Provides:
Message integrity
Nonrepudiation
Authentication
Confidentiality
Symmetric Key Encryption
Also known as secret key encryption
Both the sender and receiver use the same digital key to encrypt and decrypt message
Requires a different set of keys for each transaction
Data Encryption Standard (DES): Most widely used symmetric key encryption today; uses 56-bit encryption key; other types use 128-bit keys up through 2048 bits
Symmetric Encryption and Decryption
© 2004 D. A. Menascé. All Rights Reserved.
Public Key Encryption
Public key cryptography solves symmetric key encryption problem of having to exchange secret key
Uses two mathematically related digital keys – public key (widely disseminated) and private key (kept secret by owner)
Both keys are used to encrypt and decrypt message
Once key is used to encrypt message, same key cannot be used to decrypt message
For example, sender uses recipient’s public key to encrypt message; recipient uses his/her private key to decrypt it
Public Key Encryption and Decryption
© 2004 D. A. Menascé. All Rights Reserved.
Public Key Cryptography – A Simple Case
Figure 5.8, Page 272
Public Key Encryption using Digital Signatures and Hash Digests
Public key encryption provides confidentiality, but not authentication, integrity, and nonrepudiation.
Application of hash function (mathematical algorithm) by sender prior to encryption produces hash (message) digest that recipient can use to verify integrity of data
Hash function produces a fixed-length number called hash or message digest.
Examples of hash function include MD4 and MD5.
Double encryption with sender’s private key (digital signature) helps ensure authenticity and nonrepudiation
Message Digest
Diagram: a large Message passes through the Digest Function and yields a small Message Digest (e.g., 128 bits).
© 2004 D. A. Menascé. All Rights Reserved.
Message Digest
Diagram: Message A and Message B each pass through the Digest Function, giving Digest A and Digest B.
If A = B => Digest A = Digest B
© 2004 D. A. Menascé. All Rights Reserved.
Message Digest
Diagram: from Digest A, the Digest Function cannot be run backwards to recover Message A.
Extremely hard to get A from Digest A!
© 2004 D. A. Menascé. All Rights Reserved.
Public Key Cryptography with Digital Signatures
Figure 5.9, Page 274
Digital Envelopes
Addresses weaknesses of public key encryption (computationally slow, decreases transmission speed, increases processing time) and symmetric key encryption (faster, but more secure)
Uses symmetric key encryption to encrypt document but public key encryption to encrypt and send symmetric key
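The three mechanisms of the last few slides (public key encryption and decryption, hash digest plus digital signature, and the digital envelope) fit together in one small program. The Python below is an added example written for this page, not code from the textbook, the lecture or D. A. Menascé. Its assumptions: textbook RSA built from four Mersenne primes so the numbers are deterministic (the moduli are 92 and 216 bits, far too small for real use, and real RSA also pads its inputs); SHA-256 in place of the slides' MD4/MD5, both of which are broken today; and a SHA-256 keystream XOR standing in for DES as the symmetric cipher. The key pairs and the sample order text are constructed.

```python
import hashlib
import secrets
from math import gcd


def make_keypair(p: int, q: int, e: int = 65537):
    """Textbook RSA from two primes (constructed example). Returns
    (public_key, private_key), each as a (modulus, exponent) pair."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("public exponent must be coprime to phi")
    d = pow(e, -1, phi)                      # private exponent (Python 3.8+)
    return (p * q, e), (p * q, d)


# Mersenne primes keep the keys deterministic; far too small for real use.
SENDER_PUBLIC, SENDER_PRIVATE = make_keypair(2**61 - 1, 2**31 - 1)
RECIPIENT_PUBLIC, RECIPIENT_PRIVATE = make_keypair(2**89 - 1, 2**127 - 1)


def rsa_apply(value: int, key: tuple) -> int:
    """Exponentiate with one key of a pair. What one key of the pair
    transforms, only the other key of the same pair undoes."""
    n, exp = key
    if not 0 <= value < n:
        raise ValueError("value must lie below the modulus")
    return pow(value, exp, n)


def message_digest(message: bytes, modulus: int) -> int:
    """Fixed-length digest (SHA-256 here), reduced below the modulus so the
    toy RSA can operate on it. Same message => same digest."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % modulus


def sign(message: bytes, sender_private: tuple) -> int:
    """Digital signature: hash the message, then apply the sender's private key."""
    return rsa_apply(message_digest(message, sender_private[0]), sender_private)


def verify(message: bytes, signature: int, sender_public: tuple) -> bool:
    """Anyone holding the sender's public key recovers the digest from the
    signature and compares it with a fresh digest of the received message."""
    n, _ = sender_public
    return rsa_apply(signature, sender_public) == message_digest(message, n)


def keystream_xor(data: bytes, session_key: int) -> bytes:
    """Toy symmetric cipher standing in for DES: XOR with a SHA-256 keystream
    derived from the 128-bit session key. The same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hashlib.sha256(session_key.to_bytes(16, "big")
                               + offset.to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], block))
    return bytes(out)


def seal_envelope(document: bytes, recipient_public: tuple, session_key=None):
    """Digital envelope: the symmetric session key encrypts the (large)
    document; the recipient's public key encrypts only the short session key."""
    if session_key is None:
        session_key = secrets.randbits(128)  # fresh key for each transaction
    return rsa_apply(session_key, recipient_public), keystream_xor(document, session_key)


def open_envelope(envelope, recipient_private: tuple) -> bytes:
    """Recipient unwraps the session key with the private key, then decrypts."""
    wrapped_key, ciphertext = envelope
    return keystream_xor(ciphertext, rsa_apply(wrapped_key, recipient_private))


if __name__ == "__main__":
    order = b"Order 4711: 2 x widget, deliver to the usual address"   # constructed
    signature = sign(order, SENDER_PRIVATE)
    envelope = seal_envelope(order, RECIPIENT_PUBLIC)
    print("signature valid :", verify(order, signature, SENDER_PUBLIC))
    print("tampered valid  :", verify(order + b"0", signature, SENDER_PUBLIC))
    print("opened envelope :", open_envelope(envelope, RECIPIENT_PRIVATE))
```

Two points the slides state become visible when the program runs: applying the recipient's public key twice does not give the plaintext back (the "same key cannot decrypt" rule), and changing one byte of the signed order changes the digest, so the recovered digest no longer matches and verification fails. The envelope shows why the hybrid is used: only 16 bytes of session key go through the slow public-key operation, however long the document is.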
Public Key Cryptography: Creating a Digital Envelope
Figure 5.10, Page 275
Digital Certificates and Public Key Infrastructure (PKI)
Still missing a way to verify identity of Web sites.
By using digital document issued by a trusted third party called certificate authority (CA)
Digital certificate: Digital document that includes:
Name of subject or company
Subject’s public key
Digital certificate serial number
Expiration date
Issuance date
Digital signature of certification authority (trusted third party institution) that issues certificate
Other identifying information
Public Key Infrastructure (PKI): refers to the CAs and digital certificate procedures that are accepted by all parties
Digital Certificates and Certification AuthoritiesFigure 5.11, Page 277
Limits to Encryption Solutions
PKI applies mainly to protecting messages in transit
PKI is not effective against insiders
Protection of private keys by individuals may be haphazard
No guarantee that verifying computer of merchant is secure
CAs are unregulated, self-selecting organizations
Insight on Technology: Advances in Quantum Cryptography May Lead to the Unbreakable Key
Class Discussion
Why are existing encryption systems over time more vulnerable?
What is quantum encryption?
What is the weakness of a symmetric key system (even one based on quantum techniques)?
Would quantum-encrypted messages be immune to the growth in computing power?
Securing Channels of Communication
Secure Sockets Layer (SSL): Most common form of securing channels of communication; used to establish a secure negotiated session (client-server session in which URL of requested document, along with contents, is encrypted)
S-HTTP: Alternative method; provides a secure message-oriented communications protocol designed for use in conjunction with HTTP
SSL is designed to establish a secure connection between two computers, S-HTTP is designed to send individual messages securely.
Virtual Private Networks (VPNs): Allow remote users to securely access internal networks via the Internet, using Point-to-Point Tunneling Protocol (PPTP)
Secure Negotiated Sessions Using SSL
Figure 5.12, Page 281
Protecting Networks: Firewalls and Proxy Servers
Firewall: Hardware or software filters communications packets and prevents some packets from entering the network based on a security policy
Firewall methods include:
Packet filters – looks inside data packets to decide whether they are destined for a prohibited port or originate from a prohibited IP address.
Application gateways – filters communications based on the application being requested, rather than the source or destination of the message.
Application gateways provide greater security than packet filters, but can compromise system performance
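The difference between the two firewall methods is easiest to see in code: a packet filter decides from the header fields alone, while an application gateway must first pass the same header checks and then parse the request it carries, which is where the extra security and the performance cost both come from. The Python below is an added example written for this page, not code from the textbook or any firewall product. The policy (a default-deny filter that admits only TCP 80/443 to an internal web server, a prohibited source range, the usual prohibited ports, and a gateway that admits only GET/HEAD/POST for one Host name) and every address (RFC 5737 documentation ranges) are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

# Constructed policy for an imaginary shop network (assumption, not the slides').
INTERNAL_NET = ipaddress.ip_network("192.0.2.0/24")
PROHIBITED_SOURCES = [ipaddress.ip_network("198.51.100.0/24")]
PROHIBITED_PORTS = {23, 135, 139, 445}     # telnet, RPC endpoint mapper, NetBIOS, SMB
PUBLIC_SERVICES = {80, 443}                # the web shop is the only exposed service
ALLOWED_METHODS = {"GET", "HEAD", "POST"}
ALLOWED_HOSTS = {"shop.example"}           # constructed host name


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str          # "tcp" or "udp"
    dst_port: int
    payload: bytes = b""


def packet_filter(pkt: Packet) -> str:
    """Packet filter: a verdict from addresses, protocol and port only.
    The payload is never looked at, so this is cheap."""
    src = ipaddress.ip_address(pkt.src)
    dst = ipaddress.ip_address(pkt.dst)
    if any(src in net for net in PROHIBITED_SOURCES):
        return "deny: prohibited source address"
    if pkt.proto == "tcp" and pkt.dst_port in PROHIBITED_PORTS:
        return "deny: prohibited port"
    if dst in INTERNAL_NET and pkt.proto == "tcp" and pkt.dst_port in PUBLIC_SERVICES:
        return "allow"
    return "deny: default policy"          # anything not explicitly allowed is dropped


def application_gateway(pkt: Packet) -> str:
    """Application gateway: after the header checks, parse the HTTP request
    itself and filter on what is being asked for (method, Host)."""
    verdict = packet_filter(pkt)
    if verdict != "allow":
        return verdict
    try:
        head, _, _ = pkt.payload.decode("ascii").partition("\r\n\r\n")
        request_line, *header_lines = head.split("\r\n")
        method, _target, version = request_line.split(" ")
    except (UnicodeDecodeError, ValueError):
        return "deny: malformed HTTP request"
    if not version.startswith("HTTP/"):
        return "deny: malformed HTTP request"
    if method not in ALLOWED_METHODS:
        return f"deny: method {method} not permitted"
    headers = {}
    for line in header_lines:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    if headers.get("host") not in ALLOWED_HOSTS:
        return "deny: request for unknown host"
    return "allow"


if __name__ == "__main__":
    # Constructed sample traffic.
    shop = Packet("203.0.113.5", "192.0.2.10", "tcp", 443,
                  b"GET /cart HTTP/1.1\r\nHost: shop.example\r\n\r\n")
    telnet = Packet("203.0.113.5", "192.0.2.10", "tcp", 23)
    tunnel = Packet("203.0.113.5", "192.0.2.10", "tcp", 443,
                    b"CONNECT relay.example:443 HTTP/1.1\r\nHost: shop.example\r\n\r\n")
    for name, pkt in [("shop", shop), ("telnet", telnet), ("tunnel", tunnel)]:
        print(f"{name:7s} filter={packet_filter(pkt):30s} gateway={application_gateway(pkt)}")
```

The CONNECT request is the instructive case: it arrives on the allowed port from an allowed address, so the packet filter admits it, and only the gateway, which reads the request line, turns it away. That parsing step is also the performance cost the slide mentions, since it has to be paid for every request rather than once per connection.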
Protecting Networks: Firewalls and Proxy Servers
Proxy servers: Software servers that handle all communications originating from or being sent to the Internet
Initially for limiting access of internal clients to external Internet servers
Can be used to restrict access to certain types of sites, such as porno, auction, or stock-trading sites, or to cache frequently-accessed Web pages to reduce download times
Firewalls and Proxy Servers
Figure 5.13, Page 283
Protecting Servers and Clients
Operating system controls: Authentication and access control mechanisms
Anti-virus software: Easiest and least expensive way to prevent threats to system integrity
A Security Plan: Management Policies
Steps in developing a security plan
Perform risk assessment: assessment of risks and points of vulnerability
Develop security policy: set of statements prioritizing information risks, identifying acceptable risk targets, and identifying mechanisms for achieving targets
Develop implementation plan: action steps needed to achieve security plan goals
Create security organization: in charge of security; educates and trains users, keeps management aware of security issues; administers access controls, authentication procedures and authorization policies
Perform security audit: review of security practices and procedures
Developing an E-commerce Security PlanFigure 5.14, Page 286
The Role of Laws and Public Policy
New laws have granted local and national authorities new tools and mechanisms for identifying, tracing and prosecuting cybercriminals
National Infrastructure Protection Center – unit within National Cyber Security Division of Department of Homeland Security whose mission is to identify and combat threats against U.S. technology and telecommunications infrastructure
USA Patriot Act
Homeland Security Act
Government policies and controls on encryption software
OECD Guidelines
2002 Organization for Economic Cooperation and Development (OECD) Guidelines for the Security of Information Systems and Networks has nine principles:
Awareness
Responsibility
Response
Ethics
Democracy
Risk assessment
Security design and implementation
Security management
Reassessment