Topic 6 Online Security


  • 7/28/2019 Topic 6 Online Security


    INTRODUCTION

    Doing business on the web is riskier than doing business with local customers. Stolen credit cards, disputed charges, off-shore shipping destinations, the power of credit card companies to force merchants to pay for fraud, and the lack of international laws governing global e-commerce problems are just some of the security problems that e-commerce merchants must take into consideration.

    For consumers, the risk in e-commerce is really no greater than in ordinary commerce. Although there have been some spectacular losses of credit card information involving a tiny percentage of companies, because of a variety of laws, consumers are largely isolated from the impact of stolen credit cards and credit card information.

    In this topic, we will examine e-commerce security issues, identify the major risks, and describe the variety of solutions currently available.


    LEARNING OUTCOMES

    By the end of this topic, you should be able to:

    1. Describe the key dimensions of e-commerce security;

    2. Identify the key security threats in the e-commerce environment;

    3. Examine how various forms of encryption technology help protect the security of messages sent over the Internet;

    4. Discuss the tools used to establish secure Internet communications channels; and

    5. Assess the tools used to protect networks, servers and clients.


    6.1 SECURITY FOR E-COMMERCE

    Have you ever been in a situation where you wanted to buy products from the Internet but you did not feel secure? Why?

    For most law-abiding citizens, the Internet promises a global marketplace, providing access to people and businesses worldwide. For criminals, the Internet has created entirely new and lucrative ways to steal from more than one billion Internet users in the world. From products and services to cash and also information, it is all there for the taking on the Internet.

    It is also less risky to steal online. The potential for anonymity on the Internet cloaks many criminals in legitimate-looking identities, allowing them to place fraudulent orders with online merchants, steal information by intercepting e-mail, or simply shut down e-commerce sites by using software viruses. In the end, however, the actions of such cyber criminals are costly for businesses and consumers, who are then subjected to higher prices and additional security measures.

    6.1.1 The Scope of E-commerce Crime

    It is difficult to estimate the actual amount of e-commerce crime for a variety of reasons. In many instances, e-commerce crimes are not reported because companies fear losing the trust of legitimate customers. And even when crimes are reported, it may be hard to quantify the losses incurred.

    For instance, the Computer Crime and Security Survey conducted in 2007, which covered the responses of 500 security practitioners in U.S. corporations, government agencies, financial institutions, medical institutions and universities, reported that 46% of the responding organisations experienced a computer security incident within the last 12 months and incurred a total loss of $67 million. Insider abuse and viruses are the most common attacks against computer systems.

    Not every cyber criminal is after money. In some cases, such criminals aim to just deface, vandalise and/or disrupt a website, rather than actually steal goods or services. The cost of such an attack includes not only the time and effort to make repairs to the site but also damage done to the site's reputation and image as well as revenues lost as a result of the attack.

    While the overall size of cybercrime may be unclear, cybercrime against e-commerce sites is significant, dynamic and changing all the time. Therefore, the managers of e-commerce sites must prepare for an ever-changing variety of criminal assaults and keep current with the latest security solutions.

    6.1.2 What is Good E-commerce Security?

    What is a secure commercial transaction? Any time you go into a marketplace, you take risks, including the loss of privacy (information about what you purchased). The prime risk as a consumer is that you do not get what you paid for. In fact, you might pay and get nothing! Worse, someone steals your money while you are at the market! As a merchant in the market, your risk is that you do not get paid for what you sell. Thieves take merchandise and then either walk off without paying anything, or pay you with a fraudulent instrument, stolen credit card, or forged currency.

    E-commerce merchants and consumers face many of the same risks as participants in traditional commerce, albeit in a new digital environment. Theft is theft, regardless of whether it is digital theft or traditional theft. Burglary, embezzlement, trespass, malicious destruction, and vandalism, all crimes in a traditional commercial environment, are also present in e-commerce.

    However, reducing risks in e-commerce is a complex process that involves new technologies, organisational policies and procedures, and new laws and industry standards that empower law enforcement officials to investigate and prosecute the offenders.

    Figure 6.1 shows an illustration of cyber security, which is meant to prevent cyber crimes from occurring.

    Figure 6.1: Illustration on cyber security
    Source: http://www.darkgovernment.com/news/massive-cyber-attacks-uncovered/


    To achieve the highest degree of security possible, new technologies are available and should be used. But these technologies by themselves do not solve the problem. Organisational policies and procedures are required to ensure the technologies are not subverted. Finally, industry standards and government laws are required to enforce payment mechanisms, as well as to investigate and prosecute violators of laws designed to protect the transfer of property in commercial transactions.

    In conclusion, good e-commerce security requires a set of laws, procedures, policies and technologies that protect individuals and organisations from unexpected breaches of security in the e-commerce marketplace.

    6.1.3 Dimensions of E-commerce Security

    There are six key dimensions of e-commerce security as shown in Figure 6.2.

    Figure 6.2: Dimensions of e-commerce security

    Table 6.1 gives the definitions for each dimension of e-commerce security. It also summarises the perspectives of customer and merchant on the different dimensions of e-commerce security.


    Table 6.1: Customer and Merchant Perspectives on the Different Dimensions of E-commerce Security

    Integrity
      Definition: Integrity refers to the ability to ensure that information being displayed on a website, or transmitted or received over the Internet, has not been altered in any way by an unauthorised party.
      Customer's perspective: Has the information that I transmitted or received been altered?
      Merchant's perspective: Has data on the site been altered without authorisation? Is the data being received from customers valid?

    Nonrepudiation
      Definition: Nonrepudiation refers to the ability to ensure that e-commerce participants do not deny or repudiate their online actions.
      Customer's perspective: Can a party to an action with me later deny taking the action?
      Merchant's perspective: Can a customer deny ordering products?

    Authenticity
      Definition: Authenticity refers to the ability to identify the identity of a person or entity with whom you are dealing on the Internet.
      Customer's perspective: Who am I dealing with? How can I be assured that the person or entity is who they claim to be?
      Merchant's perspective: What is the real identity of the customer?

    Confidentiality
      Definition: Confidentiality refers to the ability to ensure that messages and data are available only to those who are authorised to view them.
      Customer's perspective: Can someone other than the intended recipient read my messages?
      Merchant's perspective: Are messages or confidential data accessible to anyone other than those authorised to view them?

    Privacy
      Definition: Privacy refers to the ability to control the use of information a customer provides about himself or herself to an e-commerce merchant.
      Customer's perspective: Can I control the use of information about myself transmitted to an e-commerce merchant?
      Merchant's perspective: What use, if any, can be made of personal data collected as part of an e-commerce transaction?

    Availability
      Definition: Availability refers to the ability to ensure that an e-commerce site continues to function as intended.
      Customer's perspective: Can I get access to the site?
      Merchant's perspective: Is the site operational?

    Source: Adapted from Laudon, K. C., & Traver, C. G. (2009). E-commerce Business, Technology, Society (5th ed.). Boston: Addison Wesley.


    Let us look at the explanations provided for each dimension of e-commerce security.

    (a) Integrity
    For example, if an unauthorised person intercepts and changes the contents of an online communication, such as by redirecting a bank wire transfer into a different account, the integrity of the message has been compromised because the communication no longer represents what the original sender intended.

    An e-commerce customer may question a message's integrity if the contents seem suspicious and out of character for the person who supposedly sent it. And a system administrator must deal with the issue of integrity when determining who should have the authorisation to change data on the website; the more people with authority to change data, the greater the threat of integrity violations from both inside and out.

    (b) Nonrepudiation
    For instance, the availability of free e-mail accounts makes it easy for a person to post comments or to send a message and perhaps later deny doing so. Even when a customer uses a real name and an e-mail address, it is easy for the customer to order merchandise online and then later deny doing so. In most cases, because merchants typically do not obtain a physical copy of a signature, the credit card issuer will side with the customer because the merchant has no legal, valid proof that the customer had ordered the merchandise.

    (c) Authenticity
    How does the customer know that the website operator is who he/she claims to be? How can the merchant be assured that the customer is really who he/she says he/she is? Someone who claims to be someone they are not is spoofing or misrepresenting themselves.

    (d) Confidentiality
    Confidentiality is sometimes confused with privacy as both are inter-related (look at the definition provided for privacy).

    (e) Privacy
    E-commerce merchants have two concerns related to privacy:

    (i) They must establish internal policies that govern their own use of customer information; and

    (ii) They must protect the information from illegitimate or unauthorised use.

    For example, if hackers break into an e-commerce site and gain access to credit card or other information, this not only violates the confidentiality of the data, but also the privacy of the individuals who supplied the information.

    (f) Availability
    Customers may wonder about the accessibility of the site, while the operator is concerned with the operational aspect of the website.

    E-commerce security is designed to protect these six dimensions. When any one of them is compromised, it is a security issue.

    6.1.4 Security Threats in the E-commerce Environment

    The nine most common and most damaging forms of security threats to e-commerce sites are shown in Figure 6.3.

    Figure 6.3: Security threats in the e-commerce environment


    Let us examine each form of security threat in detail in the following points.

    (a) Malicious Code
    What is malicious code? Let us refer below for its meaning.

    Malicious code, which is also referred to as malware or malicious software, includes any kind of programme or software that intrudes on, or is intended to gain access to, a computer without the permission of the computer user.

    The following are the varieties of malicious code threats:

    • Viruses;

    • Worms;

    • Trojan horses; and

    • Bots.

    Does the malware named Trojan horse have a shape similar to the horse of the famous Greek myth? The name given to the malware does not correspond to the physical shape of the malware, but to its function (see Figure 6.4).

    Figure 6.4: An illustration on malware
    Source: http://lima-tujuh.blogspot.com/


    (i) Virus
    A virus is a computer programme that has the ability to replicate or make copies of itself and spread to other files. In addition to the ability to replicate, most computer viruses deliver a payload.

    What is a payload? If you do not know the meaning of the term, refer below to find out its meaning.

    The payload may be relatively light, such as the display of a message or an image, or it may be highly destructive, such as destroying files, reformatting the computer hard drive, or causing programmes to run improperly.

    The major categories of computer viruses include the following:

    • Macro Virus
    The most common type of virus is a macro virus (refer below for its definition).

    Macro viruses are application-specific, meaning that the virus affects only the application for which it was written, such as Microsoft's Word, Excel and PowerPoint.

    When a user opens an infected document in an appropriate application, the macro virus copies itself to the templates in the application, so that when new documents are created, they are infected with the macro virus as well. Macro viruses can easily be spread when sent in an email attachment.

    • File-Infecting Viruses
    File-infecting viruses usually infect executable files, such as *.com, *.exe, *.drv, and *.dll files. They may activate every time the affected file is executed by copying themselves into other executable files. File-infecting viruses are also easily spread through e-mails and any file-transfer system.

    • Script Viruses
    What is a script virus? If you do not know what is meant by the term, refer below in order to learn more about it.

    Script viruses are written in script-programming languages such as VBScript (Visual Basic Script) and JavaScript.

    The viruses are activated simply by double-clicking an infected *.vbs or *.js file. The ILOVEYOU virus (also known as the Love Bug), which overwrites *.jpg and *.mp3 files, is the most famous example of a script virus.

    (ii) Worm
    Macro, file-infecting and script viruses are often combined with a worm. Instead of just spreading from file to file, a worm is designed to spread from computer to computer. A worm does not necessarily need to be activated by a user or a programme in order for it to replicate itself.

    For instance, the Slammer worm infected more than 90% of vulnerable computers worldwide within 10 minutes of its release on the Internet.

    (iii) Trojan Horse
    A Trojan horse appears to be harmless, but it is a type of malware that needs to be taken into consideration. The Trojan horse is not itself a virus because it does not replicate, but it is often a way for viruses or other malicious code such as bots to be introduced into a computer system.

    As explained earlier, a malware's name does not refer to the shape of the malware; instead, it refers to its function. The Trojan horse malware is named after the Greeks' huge golden horse which contained hundreds of soldiers (refer to Figure 6.5). The soldiers revealed themselves and captured the city once the people of Troy let the massive horse within their gates. In today's world, a Trojan horse may masquerade as a game, but actually hide a programme to steal your passwords and e-mail them to another person.


    Figure 6.5: An illustration on the Trojan horse
    Source: http://rollingroots.blogspot.com/

    (iv) Bots
    What is a bot? Do you know the meaning of it? If you do not, refer below.

    A bot is a type of malicious code that can be covertly installed on a computer when it is attached to the Internet.

    Once installed, the bot responds to external commands sent by the attacker. We have studied the meaning of bot; now let us move on to the term botnet, which is another important term in relation to bots.

    Botnets are collections of captured computers used for malicious activities such as spamming, stealing information and participating in a distributed denial of service attack (DDOS attack).

    Malicious code such as that described above is a threat at both the client and the server level, although servers generally engage in much more thorough anti-virus activities than do consumers. At the server level, malicious code can bring down an entire website, preventing millions of people from using the site. Such incidents are infrequent. Much more frequent malicious code attacks occur at the client level, but the amount of damage is limited to a single machine.

    Malicious code is a threat to a system's integrity and continued operation, often changing how a system functions or altering documents created on the system. In some cases, the affected user is unaware of the attack until it is underway, such as with the macros that use email address books to send out copies of the virus to everyone in the user's address book. Not only does this slow down the computer, but it can create hundreds or thousands of bogus messages that appear to be coming from the user, thereby spreading the virus further each time it is opened and activated.

    (b) Unwanted Programme
    We have learned extensively about malicious code; now, let us shift our attention to unwanted programmes.

    Unwanted programmes are those applications that install themselves on a computer without the user's consent. Once they are installed, they are usually difficult to remove from the computer.

    Examples of these kinds of programmes are the following:

    (i) Adware
    Adware is used to call for pop-up ads to display when a user visits certain sites. Examples of adware are ZongoSearch and PurityScan.

    (ii) Browser Parasite
    A browser parasite monitors and changes the settings of a user's browser, such as changing the homepage and sending information to remote sites. An example of a browser parasite is WebSearch.

    (iii) Spyware
    Spyware is used to obtain information about users, such as the user's keystrokes, copies of email and instant messages, and screenshots. An example is SpySherif, which disguises itself as a spyware removal programme but is actually malicious spyware.

    (c) Identity Theft and Phishing
    Let us look below at the definition and examples given for identity theft.


    Identity theft is a crime in which a criminal obtains key pieces of personal information, such as identity card numbers or driver's license numbers, in order to pose as someone else. The information can be used to obtain credit, merchandise, and services using the victim's name.

    Identity theft can also provide a thief with false credentials for immigration or other applications. One of the biggest problems with identity theft is that very often the crimes committed by the identity theft expert are often attributed to the victim.

    (Source: http://www.identitytheftcreditfraud.com/)

    Now, let us shift our attention to the definition provided below for phishing.

    Phishing is a deceptive online attempt by a third party to obtain information of an individual or organisation for financial gain. Phishing relies on straightforward misrepresentation and fraud.

    The most popular phishing attempt is the spear phishing email scam as described below.

    Spear phishing describes any highly targeted phishing attack. The operation mode of spear phishers is by sending e-mail to certain individuals, groups or organisations. The message might look genuine and could include requests for user names or passwords. However, bear in mind that the e-mail sender information has been faked or "spoofed".

    If you respond with a user name or password, or if you click links or open attachments in a spear phishing e-mail, pop-up window, or website, you might become a victim of identity theft and you might put your employer or group at risk.

    Source: http://www.microsoft.com/hk/protect/yourself/phishing/spear.mspx

    For instance, someone from a rich country sends an email to you asking for your bank account number. The stated purpose is to stash millions of dollars for a short period of time, and in return you will receive a certain amount of money.
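    The faked sender information described in the spear phishing definition usually leaves inconsistencies in a message's headers. The following Python example is added here and is not part of the original module; the two messages, the `.test` domain names, the indicator names and the 0.85 similarity threshold are constructed assumptions for illustration.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

# Phrases that suggest a request for credentials (assumed, illustrative list).
CREDENTIAL_RE = re.compile(r"\b(user ?names?|passwords?|account numbers?)\b", re.I)

TRUSTED_DOMAINS = {"examplebank.test"}  # constructed: the organisation's own domain

# Constructed sample: visible sender imitates the bank, replies go elsewhere.
SPOOFED_MESSAGE = """\
From: "ExampleBank IT Support" <support@examp1ebank.test>
Reply-To: helpdesk@mail-collect.test
Return-Path: <bounce@mail-collect.test>
To: employee@examplebank.test
Subject: Action required

Please confirm your user name and password to keep your mailbox active.
"""

# Constructed sample: a genuine internal notice.
LEGITIMATE_MESSAGE = """\
From: "ExampleBank IT Support" <support@examplebank.test>
Return-Path: <support@examplebank.test>
To: employee@examplebank.test
Subject: Maintenance window

The mail server will be restarted on Saturday at 22:00.
"""


def domain_of(header_value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    _, address = parseaddr(header_value or "")
    return address.rpartition("@")[2].lower()


def body_text(msg):
    """Concatenate the text payloads of a parsed message."""
    parts = [p.get_payload() for p in msg.walk() if isinstance(p.get_payload(), str)]
    return "\n".join(parts)


def spoofing_indicators(raw_message, trusted_domains):
    """List the reasons a message matches the spoofed-sender pattern."""
    msg = message_from_string(raw_message)
    display_name, _ = parseaddr(msg.get("From", ""))
    from_dom = domain_of(msg.get("From"))
    reasons = []

    # Replies would go to a different domain than the one shown to the reader.
    reply_dom = domain_of(msg.get("Reply-To"))
    if reply_dom and reply_dom != from_dom:
        reasons.append("reply-to-mismatch")

    # The envelope sender disagrees with the visible From header.
    path_dom = domain_of(msg.get("Return-Path"))
    if path_dom and path_dom != from_dom:
        reasons.append("return-path-mismatch")

    if from_dom not in trusted_domains:
        # The display name uses a trusted brand, but the address is elsewhere.
        squeezed = re.sub(r"[^a-z0-9]", "", display_name.lower())
        if any(t.split(".")[0] in squeezed for t in trusted_domains):
            reasons.append("display-name-impersonation")
        # The sender domain is nearly, but not exactly, a trusted domain.
        if any(SequenceMatcher(None, from_dom, t).ratio() >= 0.85
               for t in trusted_domains):
            reasons.append("lookalike-domain")

    # The body asks for the information the definition warns about.
    if CREDENTIAL_RE.search(body_text(msg)):
        reasons.append("credential-request")
    return reasons


if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED_MESSAGE), ("legitimate", LEGITIMATE_MESSAGE)):
        print(label, spoofing_indicators(raw, TRUSTED_DOMAINS))
```

    None of these indicators proves fraud on its own; a mail gateway would normally combine them before quarantining a message.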

    (d) Hacking and Cyber Vandalism
    The terms hacker and cracker are used interchangeably in public. Let us look at the definitions for both terms.

    A hacker is an individual who intends to gain unauthorised access to a computer system.

    A cracker is typically used to denote a hacker with criminal intent.

    Hackers and crackers gain unauthorised access by finding weaknesses in the security procedures of websites and computer systems, often taking advantage of various features of the Internet that make it an easy-to-use open system. Hackers and crackers are computer enthusiasts who are excited by the challenge of breaking into corporate and government websites.

    Sometimes, they are satisfied merely by breaking into the files of an e-commerce site. Others have more malicious intentions and commit cyber vandalism, an act of intentionally disrupting, defacing or even destroying the site.

    Let us look at another three terms which are inter-related to the term hacker.

    A malicious insider is a hacker who is an employee of an organisation. They obtain access to the computer systems or networks of the organisation and conduct harmful activities which are purposely done to harm the organisation.

    Cyber criminal deals with any criminal act related to the Internet, computers and networks.


    Cyber terrorist conducts unlawful attacks and threats of attack against computers, networks, and the information stored in it. Cyber terrorist aims to intimidate or forcefully persuade a government or its people for political or social purposes.

    - Dorothy Denning

    Source: http://www.crime-research.org/library/Cyber-terrorism.htm

    The hacker phenomenon has diversified over time. Hackers' activities have also broadened beyond mere system intrusion to include theft of goods and information, as well as vandalism and system damage. Groups of hackers called tiger teams (will be explained later) are used by corporate security departments to test their own security measures. By hiring hackers to break into the system from the outside, the company can identify weaknesses in the computer system's armour.

    Hackers can be categorised into three categories as shown in Table 6.2.

    Table 6.2: Categories of Hackers

    White hats
      Description: White hat hackers are known as good hackers because of their role in helping organisations to locate and fix security flaws. White hats do their work under contract, with agreement from clients that they will not be prosecuted for their efforts to break in.

    Black hats
      Description: In contrast, black hats are bad hackers who engage in the same kinds of activities but without any pay or contract from the targeted organisation. They have the intention of causing harm to the organisation. They will break into websites and reveal the confidential or proprietary information they find. These hackers believe strongly that information should be free, so sharing previously-secret information is part of their mission.


    transacting will lose the credit information or permit it to be diverted for a criminal's use.

    Credit card files are a major target of website hackers. Moreover, e-commerce sites are wonderful sources of customers' personal information such as name, address, and phone number. Armed with this information, criminals can assume a new identity and establish new credit for their own purposes.

    International orders have been particularly prone to repudiation. If an international customer places an order and then later disputes it, online merchants often have no way to verify that the package was actually delivered and that the credit card holder is the person who placed the order.

    (f) Spoofing and Spam Websites
    What is spoofing? Refer below to learn more about this term.

    Spoofing refers to the act of hackers who attempt to hide their true identities by misrepresenting themselves through fake e-mail addresses or masquerading as someone else.

    Spoofing also involves the act of redirecting a web link to an address different from the intended one, with the site masquerading as the intended destination.

    Links that are designed to lead to one site can be reset to send users to a totally unrelated site, one that benefits the hacker. Although spoofing does not directly damage files or network servers, it threatens the integrity of a site.

    For example, if hackers redirect customers to a fake website that looks almost exactly like the true site, they can collect and process the orders, effectively stealing business from the true site. Or, if the intent is to disrupt rather than steal, hackers can alter orders, inflating them or changing the products ordered, and then send them on to the true site for processing and delivery.

    Customers become dissatisfied with the improper order shipment and the company may have huge inventory fluctuations that impact its operations. In addition to threatening integrity, spoofing also threatens authenticity by making it difficult to discern the true sender of a message. Clever hackers can make it almost impossible to distinguish between a true and fake identity or web address.

    We have learned about spoofing; now let us shift our attention to the spam website as defined below.

    A spam website (also known as a junk website) appears in search results, cloaks its identity by using a domain name similar to a legitimate firm's name, and redirects traffic to known spammer redirection domains.

    For example, you enter the keywords of an established firm in order to learn more about the firm. The search engine provides lists of websites containing the keywords you entered. Once you click on a website which has a domain name similar to that of the firm you searched for, you are quickly redirected to other spammer-related websites.

    (g) Denial of Service (DOS) and Distributed Denial of Service (DDOS) Attacks
    Let us look at the definitions of both terms in order to be able to differentiate them clearly.

    In a Denial of Service (DOS) attack, hackers flood a website with useless traffic to overwhelm the network.

    A Distributed Denial of Service (DDOS) attack uses numerous computers to attack the target network from numerous launch points.

    DOS attacks may cause a network to shut down, making it impossible for users to access the site. For busy e-commerce sites such as e-Bay.com and Buy.com, these attacks are costly, as while the site is shut down, the site's reputation is damaged profoundly.

    Although such attacks do not destroy information or access restricted areas of the server, they are nuisances that interfere with a company's operations as shown in the example.


    Now, let us focus on smurf. Smurf, which is a type of DOS attack, brings a network down by sending a request to many broadcast addresses, each of which can communicate with up to 255 host computers, to verify that the address is working. The hacker spoofs the reply address of the verification request, listing a particular company's server as the supposed reply address, so that the 255 hosts on each broadcast address send their replies to that server. Soon, the victim company's server is overwhelmed with thousands of PING responses (refer below) that tie it up.

    DOS and DDOS attacks are threats to a system's operation because they can shut it down indefinitely. Major websites such as Yahoo! and even Microsoft have recently experienced such attacks, making the companies aware of their vulnerability and the need to introduce new measures to prevent any future attacks.
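    Seen from the victim's side, the smurf pattern described above is a burst of PING replies from many hosts that the victim never pinged. The Python example below is added here and is not from the original text; the flow-record format, the function name `detect_smurf`, the thresholds and the sample addresses (documentation ranges) are all assumptions.

```python
from collections import defaultdict
from ipaddress import ip_network


def detect_smurf(records, window=10.0, min_sources=20):
    """Flag hosts that receive unsolicited echo replies from many sources.

    `records` is an iterable of (timestamp, src, dst, kind) tuples, where kind
    is "echo-request" or "echo-reply" (assumed format of an ICMP flow log).
    Returns {victim: {"sources": n, "networks": [reflecting /24 networks]}}.
    """
    asked = set()                     # (requester, target) pairs already seen
    unsolicited = defaultdict(list)   # victim -> [(timestamp, reflector)]

    for ts, src, dst, kind in sorted(records):
        if kind == "echo-request":
            asked.add((src, dst))
        elif kind == "echo-reply" and (dst, src) not in asked:
            # A reply from a host the receiver never pinged. Replies caused by
            # a spoofed broadcast request always land here, because the victim
            # has no matching request to each individual replying host.
            unsolicited[dst].append((ts, src))

    alerts = {}
    for victim, replies in unsolicited.items():
        start, busiest = 0, set()
        for end in range(len(replies)):
            # Slide the window so it spans at most `window` seconds.
            while replies[end][0] - replies[start][0] > window:
                start += 1
            sources = {src for _, src in replies[start:end + 1]}
            if len(sources) > len(busiest):
                busiest = sources
        if len(busiest) >= min_sources:
            networks = sorted({str(ip_network(f"{s}/24", strict=False))
                               for s in busiest})
            alerts[victim] = {"sources": len(busiest), "networks": networks}
    return alerts


def sample_records():
    """Constructed flow records as seen at the edge of the victim's network."""
    victim = "203.0.113.10"
    records = [
        # Normal traffic: the server pings a host and gets one reply back.
        (0.0, victim, "198.51.100.7", "echo-request"),
        (0.1, "198.51.100.7", victim, "echo-reply"),
        # Two stray replies to another host: below the alert threshold.
        (3.0, "192.0.2.200", "203.0.113.20", "echo-reply"),
        (3.2, "192.0.2.201", "203.0.113.20", "echo-reply"),
    ]
    # Burst of replies from two networks the victim never contacted.
    records += [(5.0 + i * 0.01, f"192.0.2.{i}", victim, "echo-reply")
                for i in range(1, 41)]
    records += [(5.5 + i * 0.01, f"198.51.100.{100 + i}", victim, "echo-reply")
                for i in range(1, 21)]
    return records


if __name__ == "__main__":
    for host, detail in detect_smurf(sample_records()).items():
        print(host, detail)
```

    The list of reflecting networks is the useful output for response: those are the networks whose operators need to stop answering broadcast pings.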

    In February 2000, a series of hacker attacks caused many websites to shut down for several hours. E-Bay was down for five hours, Amazon for just below four hours, CNN for more than three hours, and E-Trade for below three hours. Yahoo, Buy.com, and ZDNet were also affected for three to four hours.

    Ping is a basic Internet programme that allows a user to verify that a particular IP address exists and can accept requests.

    (h) Sniffing
    What is a sniffer? Refer below to learn more about it.

    A sniffer is a type of eavesdropping programme that monitors information travelling over a network.

    When used legitimately, sniffers can help to identify potential network trouble spots, but when used for criminal purposes, they can be damaging and very difficult to detect. Sniffers enable hackers to steal proprietary information from anywhere on a network, including e-mail messages, company files, and confidential reports.

    Email wiretaps (refer below) are a new variation on the sniffing threat.


    An email wiretap is a hidden code in an e-mail message that allows someone to monitor all succeeding messages forwarded with the original message.

    For example, suppose an employee reports a manufacturing flaw that she has discovered to her supervisor, who then circulates the message within the organisation. Someone using an e-mail wiretap will be privy to all of the subsequent e-mails that are shared along with the email sent by the supervisor.

    When sensitive internal communication occurs, this type of eavesdropping can be damaging and dangerous. The threat of sniffing is that confidential or personal information will be made public. For both companies and individuals, such an occurrence can be potentially harmful.

    (i) Insider Jobs
    We tend to think of security threats to a business as originating outside the organisation. In fact, the largest financial threat to business institutions comes not from robberies, but from insiders.

    The same is true for e-commerce sites: some of the largest disruptions to service, destruction to sites, and diversion of customer credit data and personal information have come from insiders who were once trusted employees. Employees have access to privileged information, and in the presence of sloppy internal security procedures, they are often able to roam throughout an organisation's system without leaving a trace.

    To get more information on e-commerce or Internet security, you can visit the following websites:

    Center for Internet Security: http://www.cisecurity.org/

    E-Commerce Security - Attacks and preventive strategies: http://www.ibm.com/developerworks/websphere/library/techarticles/0504_mckegney/0504_mckegney.html


    SELF-CHECK 6.1

    List all the common and damaging forms of security threats to e-commerce sites.

    ACTIVITY 6.1

    You are planning to develop an e-commerce site for your business organisation. Would you build your own or outsource to other vendors? State your reasons.

    EXERCISE 6.1

    1. List six key dimensions of e-commerce security.

    2. One of the most common forms of security threat to e-commerce sites is malicious code. Explain what the malicious code is.

    6.2 TECHNOLOGY SOLUTIONS

    The first line of defence against the wide variety of security threats to an e-commerce site is a set of tools that can make it difficult for outsiders to invade or destroy a site.

    In the coming sections, we will look into the following aspects:

    (a) Encryption;

    (b) Securing channels of communication; and

    (c) Protecting the network, servers and clients.


    6.2.1 Encryption

    What is encryption? Read below for the definition of the term.

    Encryption is the process of transforming plain text or data into cipher text that cannot be read by anyone outside of the sender and the receiver.

    The purpose of encryption is:

    • To secure stored information; and

    • To secure information transmission.

    This transformation of plain text to cipher text is accomplished by using the key or cipher (algorithm) method as illustrated in Figure 6.6.

    Figure 6.6: Encryption
    Source: http://securitycerts.org/review/symmetric-key-cryptography.htm

    Encryption has been practised since the earliest forms of writing and commercial transaction. Ancient Egyptian and Phoenician commercial records were encrypted using the following ciphers:

    (a) Substitution Cipher
    In a substitution cipher, every occurrence of a given letter is replaced systematically by another letter.

    For instance, if we used the cipher "letter plus two", meaning replace every letter in a word with a new letter two places forward, then the word "HELLO" in plain text would be transformed into the following cipher text: "JGNNQ".

    (b) Transposition Cipher
    In a transposition cipher, the ordering of the letters in each word is changed in some systematic way. Leonardo da Vinci recorded his shop notes in reverse order, making them readable only with a mirror. The word "Hello" can be written backwards as "OLLEH".

    A more complicated cipher would be to break all words into two words and spell the first word with every other letter beginning with the first letter, and then spell the second word with all the remaining letters. In this cipher, "HELLO" would be written as "HLO EL".

    In order to decipher the above messages, there are a number of deciphering tools and they are:

    • Symmetric Key Encryption;

    • Public Key Cryptography;

    • Public Key Encryption Using Hash Function and Digital Signature;

    • Digital Envelope; and

    • Digital Certificate and Public Key Infrastructure (PKI).

    (a) Symmetric Key Encryption
    So, what is symmetric key encryption?

    Symmetric key encryption, also called secret key encryption, is used to decode or decipher a message that was encrypted from plain text.

    In symmetric key encryption, both the sender and the receiver use the same key to encrypt and decrypt the message as can be seen in Figure 6.7. You may wonder how the sender and the receiver have the same key. They have to send it over some communication media or exchange the key in person.


    Figure 6.7: Symmetric key encryption
    Source: http://www.devx.com/dbzone/Article/29232/0/page/3

    Symmetric key encryption was used extensively throughout World War II and is still part of Internet encryption. The Germans added a new wrinkle in the 1940s with the invention of the Enigma machine (refer to Figure 6.8). The Allies (anti-German coalition) captured several Enigma machines, examined their operation, understood the role of time in changing the codes, and eventually were able to routinely decipher the Germans' military and diplomatic messages.

    How did the Enigma machine operate? The Enigma machine would generate, on a daily basis, a new secret cipher that used both substitution and transposition ciphers based on the settings made by a mechanical device. As long as all Enigma machines around the world were set to the same settings, they could communicate securely, and every day the codes would change, hindering code-breakers from breaking the codes in a timely fashion.


    Figure 6.8: Enigma machine
    Source: http://maestro-sec.com/blogs/2008/10/

    The possibilities for simple substitution and transposition ciphers are endless, but they all suffer from common flaws such as:

    (i) Easy to be Broken Into
    In the digital age, computers are so powerful and fast that these ancient means of encryption can be broken quickly.

    (ii) Key being Lost or Stolen
    Symmetric key encryption requires that both parties share the same key. In order to share the same key, they must send the key over a presumably insecure medium, where it could be stolen and used to decipher messages. If the secret key is lost or stolen, the entire encryption system will fail.

    (iii) Impossible to be Implemented
    In commercial use, where we are not all part of the same team or army, you would need a secret key for each of the parties with whom you transacted, that is, one key for the bank, another for the department store, and another for the government.

    However, in a large population of users, this could result in as many as (n-1) keys. In a population of millions of Internet users, thousands of millions of keys would be needed to accommodate all e-commerce customers. It is estimated there are about 35 million purchasers in the United States alone. Clearly, this situation would be impossible to work in practice.


    Modern encryption systems are digital. The ciphers or keys used to transform plain text into cipher text are digital strings. Computers store text and other data as binary strings composed of 0s and 1s.

    For instance, the binary representation of the capital "A" in ASCII computer code is accomplished with eight binary digits (bits): 01000001. One way in which digital strings can be transformed into cipher text is by multiplying each letter by another binary number, say, an eight-bit key number 0101 0101. If we multiplied every digital character in our text messages by this eight-bit key, and sent the encrypted message to a friend along with the secret eight-bit key, the friend could decode the message easily.

    The strength of modern security protection is measured in terms of the length of the binary key used to encrypt the data. In the above example, the eight-bit key is easily deciphered because there are only 2^8 or 256 possibilities. If the intruder knows you are using an eight-bit key, then he or she could decode the message in a few seconds on a modern computer just by using the Brute Force Algorithm Method of checking each of the 256 possible keys.

    The brute force algorithm consists in checking, at all positions in the text between 0 and n-m, whether an occurrence of the pattern starts there or not. Then, after each attempt, it shifts the pattern by exactly one position to the right.

    For this reason, modern digital encryption systems use keys with 56, 128, 256, or 512 binary digits. With encryption keys of 512 digits, there are 2^512 possibilities to check out. It is estimated that all the computers in the world would need to work for ten years before stumbling upon the answer.

    The most widely used symmetric key encryption on the Internet today is the Data Encryption Standard (DES), which uses a 56-bit encryption key, developed by the National Security Agency (NSA) and IBM in the 1950s. To cope with much faster computers, it has been improved recently to Triple DES, which essentially encrypts the message three times, each with a separate key. There are many other symmetric key systems with keys up to 2048 bits. Like all symmetric key systems, DES requires the sender and the receiver to exchange and share the same key, and requires a different set of keys for each set of transactions.
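    The exhaustive key search described above, run against both small key spaces on this page: the "letter plus two" substitution cipher (26 shifts) and the eight-bit multiplication key (255 non-zero values). This is an added example, not part of the original module; the function names, the word list used to recognise plain text, the sample message and the choice to keep each product as a full integer are assumptions made for the illustration.

```python
"""Exhaustive key search over the two small key spaces on this page (added illustration)."""
import string

# Constructed word list used to recognise readable plain text.
COMMON_WORDS = {"SEND", "MY", "CARD", "TO", "THE", "BANK", "HELLO", "AND", "PAY", "ORDER"}


def shift_encrypt(text, shift):
    """Substitution cipher: move every letter `shift` places forward (A-Z only)."""
    out = []
    for ch in text.upper():
        if ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - 65 + shift) % 26 + 65))
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)


def multiply_encrypt(text, key):
    """Multiply each 8-bit character code by an 8-bit key.

    Assumption: the product is kept as a full integer (no wrap-around),
    because the page does not say how overflow is handled.
    """
    if not 1 <= key <= 255:
        raise ValueError("key must be a non-zero 8-bit value")
    return [code * key for code in text.encode("ascii")]


def multiply_decrypt(cipher, key):
    """Divide each value by the key; return None when the key cannot be right."""
    chars = []
    for value in cipher:
        quotient, remainder = divmod(value, key)
        if remainder or not 32 <= quotient <= 126:  # must be printable ASCII
            return None
        chars.append(chr(quotient))
    return "".join(chars)


def score(candidate):
    """Count recognised words; the best-scoring candidate is taken as plain text."""
    return sum(word.strip(".,!?") in COMMON_WORDS for word in candidate.upper().split())


def break_shift(cipher_text):
    """Try all 26 shifts and return (shift, plain text) with the best score."""
    candidates = [(s, shift_encrypt(cipher_text, -s)) for s in range(26)]
    return max(candidates, key=lambda c: score(c[1]))


def break_multiply(cipher):
    """Try every non-zero 8-bit key; return the (key, plain text) pairs that decode cleanly, best first."""
    hits = []
    for key in range(1, 256):
        plain = multiply_decrypt(cipher, key)
        if plain is not None:
            hits.append((key, plain))
    return sorted(hits, key=lambda h: score(h[1]), reverse=True)


if __name__ == "__main__":
    secret = "SEND MY CARD TO THE BANK"  # constructed sample message
    print(break_shift(shift_encrypt(secret, 2)))
    print(break_multiply(multiply_encrypt(secret, 0b01010101)))
```

    Both searches finish instantly because the attacker only has to test 26 and 255 candidates; each extra key bit doubles that count, which is why key length is the measure of strength used in this section.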


    (b) Public Key Cryptography
    In 1976, an entirely new way of encrypting messages called Public Key Cryptography was invented by Whitfield Diffie and Martin Hellman.

    Public key cryptography solves the problem of exchanging keys. In this method, two mathematically related digital keys are used as illustrated in Figure 6.9:

    (i) A Public Key
    The private key is kept secret by the owner, and the public key is widely disseminated. Both keys can be used to encrypt and decrypt a message. The mathematical algorithms used to produce the keys are one-way functions.

    A one-way irreversible mathematical function is one which, once the algorithm is applied, the input cannot be subsequently derived from the output.

    (ii) A Private Key
    Public key cryptography is based on the idea of irreversible mathematical functions. The keys are sufficiently long (128-bit, 256-bit, and 512-bit keys) that it would take enormous computing power to derive one key from the other using the largest and fastest computers available.

    Figure 6.9: Public key cryptography
    Source: http://www.aarontoponce.org/presents/gpg/

    (c) Public Key Encryption Using Hash Function and Digital Signature

    In public key encryption as shown in Figure 6.10, some elements of security are missing. Although we can be quite sure the message was not understood or read by a third party (message confidentiality), there is no guarantee the sender really is the sender; that is, there is no authentication of the sender. This means the sender could deny ever sending the message (repudiation). And there is no assurance the message was not altered somehow in transit.

    For example, the message "Buy Sisco @ $25" could have been accidentally or intentionally altered to read "Sell Sisco @ &25". This suggests a potential lack of integrity in the system.

    Let us look at the two components used in public key encryption.

    (i) Hash Function
    A more sophisticated use of public key cryptography can achieve authentication, nonrepudiation and integrity. To check the confidentiality of a message and to ensure it has not been altered in transit, a hash function (refer below) is used first to create a digest of the message.

    A hash function is an algorithm that produces a fixed-length number called a hash or message digest. A hash function can be simple, and count the number of digital 1s in a message, or it can be more complex, and produce a 128-bit number that reflects the number of 0s and 1s, the number of 00s, 11s, and so on.

    The results of applying the hash function are sent by the sender to the recipient. Upon receipt, the recipient applies the hash function to the received message and checks to verify the same result is produced. If so, the message has not been altered. The sender then encrypts both the hash result and the original message using the recipient's public key, producing a single block of cipher text.

    (ii) Digital Signature
    One more step is required. To ensure the authenticity of the message, and to ensure nonrepudiation, the sender encrypts the entire block of cipher text one more time using the sender's private key. This produces a digital signature, also called an e-signature or signed cipher text, that can be sent over the Internet.


    Figure 6.10: Public key encryption using hash function and digital signature
    Source: http://www.microsoft.com/mspress/books/sampchap/6429.aspx

    A digital signature is a close parallel to a handwritten signature. Like a handwritten signature, the digital signature is unique as only one person presumably possesses the private key. When used with a hash function, the digital signature is even more unique than a handwritten signature. In addition to being unique to a particular individual, when used to sign a hashed document, the digital signature is also unique to the document and changes for every document.

    The recipient of this signed cipher text first uses the sender's public key to authenticate the message. Once authenticated, the recipient uses his or her private key to obtain the hash result and original message. As a final step, the recipient applies the same hash function to the original text and compares the result with the result sent by the sender. If the results are the same, the recipient now knows the message has not been changed during transmission. The message has integrity.

    (d) Digital Envelope
    Public key encryption is computationally slow. If one used 128-bit or 256-bit keys to encode large documents such as this topic or the entire module, significant declines in transmission speeds and increases in processing time would occur.

    Symmetric key encryption is computationally faster but, as we pointed out above, it has a weakness, namely, the symmetric key must be sent to the recipient over insecure transmission lines. One solution is to use the digital envelope technique.

    The digital envelope is applied by using more efficient symmetric encryption and decryption for large documents, but public key encryption is used instead to encrypt and send the symmetric key.

    (e) Digital Certificate and Public Key Infrastructure (PKI)
    There are still some deficiencies in the message security regime described above. How do we know that people and institutions are who they claim to be? Anyone can make up a private and public key combination and claim to be the Defence Department or Santa Claus. Before you place an order with an online merchant such as Amazon.com, you want to be sure that it really is Amazon.com that you have on the screen and not a spoofer masquerading as Amazon.

    In the physical world, if someone asks who you are and you show a social security number, they may well ask to see your identification card's picture or a second form of certifiable or acceptable identification. If they really doubt who you are, they may ask for references to other authorities and actually interview those authorities. Similarly in the digital world, we need a way to know who people and institutions really are.

    There are two methods to solve this problem of digital identity and they are:

    (i) Digital Certificate
    A digital certificate is a digital document issued by a trusted certificate authority (CA). Refer below to know more on CA.

    Certificate authority is a trusted third party institution. In the United States, private corporations such as VeriSign and government agencies such as the U.S. Postal Service act as certificate authorities.

    The digital certificate contains the following elements as can be seen in Figure 6.11:

    • The name of the subject or company;

    • The subject's public key;

    • A digital certificate serial number;

    • An expiration date;

    • An issuance date;

    • The digital signature of the certificate authority (the name of the CA encrypted using the CA's private key); and

    • Other identifying information.

    Figure 6.11: Digital certificate
    Source: https://p10.secure.hostingprod.com/@spyblog.org.uk/ssl/wikileak/index.html

    (ii) Public Key Infrastructure
    What is a public key infrastructure? Refer below to find out its meaning.

    Public key infrastructure (PKI) refers to the certificate authorities and digital certificate procedures that are accepted by all parties.

    To create a digital certificate, the user generates a public/private key pair and sends a request for certification to the CA along with the user's public key. The CA verifies the information and then issues a certificate containing the user's public key and other related information. Finally, the CA creates a message digest from the certificate itself (just like a hash digest) and signs it with the CA's private key. This signed digest is called the signed certificate. We end up with a totally unique cipher text document; there can be only one signed certificate like this in the world.

    There are several ways the certificates are used in commerce. Before initiating a transaction, the customer can request the signed digital certificate of the merchant and decrypt it using the merchant's public key to obtain both the message digest and the certificate as issued. If the message digest matches the certificate, then the merchant and the public key are authenticated. The merchant may in return request certification of the user, in which case the user would send the merchant his or her individual certificate. There are many types of certificates: personal, institutional, web server, software publisher, and CAs themselves.

    You can easily obtain a public and private key at the Pretty Good Privacy (PGP) site (www.pgpi.org). PGP was invented in 1991, and has become one of the most widely used e-mail public key encryption software tools in the world. Using PGP software installed on your computer, you can compress and encrypt your messages as well as authenticate both yourself and the recipient.
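    The hash, digital signature and digital envelope steps from (c) and (d) above, combined into one exchange, as an added example that is not part of the original module. It signs the message digest directly rather than re-encrypting the whole cipher-text block as the text describes, and it uses textbook RSA with constructed toy keys and a SHA-256 keystream as a stand-in symmetric cipher; all names and parameters are assumptions for the illustration.

```python
"""Hash, digital signature and digital envelope with toy parameters (added illustration)."""
import hashlib
import secrets

E = 65537  # commonly used RSA public exponent


def make_keypair(p, q):
    """Return ((n, e), (n, d)) for textbook RSA built from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))


# Constructed toy keys made from well-known Mersenne primes. A modulus like this
# is trivial to factor; real systems use random primes and a vetted library.
SENDER_PUB, SENDER_PRIV = make_keypair(2**127 - 1, 2**521 - 1)
RECIPIENT_PUB, RECIPIENT_PRIV = make_keypair(2**89 - 1, 2**107 - 1)


def digest(message):
    """Fixed-length message digest (SHA-256) as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def keystream_xor(key, data):
    """Toy symmetric cipher: XOR data with SHA-256(key || offset) blocks.

    Stand-in for a real symmetric cipher; the same call encrypts and decrypts.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], pad))
    return bytes(out)


def seal(message, sender_priv, recipient_pub):
    """Sender side: sign the digest, encrypt the body, wrap the session key."""
    n_s, d_s = sender_priv
    n_r, e_r = recipient_pub
    session_key = secrets.token_bytes(16)  # fresh symmetric key for this message
    return {
        "signature": pow(digest(message), d_s, n_s),       # sender's private key
        "wrapped_key": pow(int.from_bytes(session_key, "big"), e_r, n_r),  # recipient's public key
        "ciphertext": keystream_xor(session_key, message),  # fast symmetric step
    }


def open_envelope(package, recipient_priv, sender_pub):
    """Recipient side: unwrap the key, decrypt, re-hash and check the signature."""
    n_r, d_r = recipient_priv
    n_s, e_s = sender_pub
    session_key = pow(package["wrapped_key"], d_r, n_r).to_bytes(16, "big")
    message = keystream_xor(session_key, package["ciphertext"])
    signature_ok = pow(package["signature"], e_s, n_s) == digest(message)
    return message, signature_ok


def flip_first_bit(package):
    """Simulate alteration in transit: flip one bit of the cipher text."""
    altered = bytearray(package["ciphertext"])
    altered[0] ^= 0x01
    return {**package, "ciphertext": bytes(altered)}


if __name__ == "__main__":
    order = b"Buy Sisco @ $25"  # the page's sample message
    package = seal(order, SENDER_PRIV, RECIPIENT_PUB)
    print(open_envelope(package, RECIPIENT_PRIV, SENDER_PUB))
    print(open_envelope(flip_first_bit(package), RECIPIENT_PRIV, SENDER_PUB))
```

    The altered package still decrypts, but its digest no longer matches the signed one, so the recipient can tell the order was changed in transit.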

    6.2.2 Limitations to Encryption Solutions

    How is your private key to be protected? Most private keys will be stored on insecure desktop or laptop machines.

    Therefore, there are three limitations in using encryption and they are:

    (a) No Guarantee of Determining the User of the Computer
    There is no guarantee the person using your computer and your private key is really you. Under many digital signature laws (such as those in Utah and Washington), you are responsible for whatever your private key does even if you were not the person using the key. This is very different from mail order or telephone order credit card rules, where you have a right to dispute the credit card charge.

    (b) No Guarantee to Verify the Computer is Secured
    There is no guarantee to verify that the computer of the merchant is secured.


    (c) No Definite Policy in Revoking or Renewing the Certificates
    The expected life of a digital certificate or private key is a function of the frequency of use and the vulnerability of systems that use the certificate. Yet, most CAs have no policy or just an annual policy for reissuing certificates.

    6.2.3 Securing Channels of Communication

    The concepts of public key encryption are used routinely for securing channels of communications.

    In this section, we will look into the following:

    • Secure Sockets Layer (SSL);

    • Secure Hypertext Transfer Protocol (S-HTTP); and

    • Virtual Private Networks (VPN).

    (a) Secure Sockets Layer (SSL)
    The most common form of securing channels is through the secure sockets layer (SSL) of TCP/IP. When you receive a message from a server on the web that you will be communicating through a secure channel, this means that you will be using SSL to establish a secure negotiated session (refer below).

    A secure negotiated session is a client-server session in which the URL of the requested document, along with the contents, contents of forms, and the cookies exchanged, are encrypted. You will also notice that the URL changes from HTTP to HTTPS.

    For instance, your credit card number that you entered into a form would be encrypted. Through a series of handshakes and communications, the browser and the server establish one another's identity by exchanging digital certificates, decide on the strongest shared form of encryption and then proceed to communicate using an agreed-upon session key (refer below).

    A session key is a unique symmetric encryption key chosen just for this single secure session. The key can be used only once.

    In practice, most private individuals do not have a digital certificate. In this case, the merchant server will not request a certificate, but the client browser will request the merchant certificate once a secure session is called for by the server.

    The SSL protocol provides data encryption, server authentication, optional client authentication, and message integrity for TCP/IP connections. SSL is available in 40-bit and 128-bit levels, depending on what version of browser you are using. The strongest shared encryption is always chosen.

    SSL was designed to address the threat of authenticity by allowing users to verify another user's identity, or the identity of a server. It also protects the integrity of the messages exchanged. However, once the merchant receives the encrypted credit and order information, that information is typically stored in unencrypted format on the merchant's servers.

    While the SSL protocol provides secure transactions between merchant and consumer, it only guarantees server side authentication as client authentication is optional. In addition, SSL cannot provide irrefutability; that is, consumers can order goods or download information products, and then claim the transaction never occurred. Other protocols for protecting financial transactions such as Secure Electronic Transaction Protocol (SET) have emerged that require all parties of a transaction to use digital certificates.

    (b) Secure Hypertext Transfer Protocol (S-HTTP)
    A competing method is called Secure Hypertext Transfer Protocol (S-HTTP). S-HTTP is a secure message-oriented communications protocol designed for use in conjunction with HTTP. It is designed to co-exist with HTTP and to be easily integrated with HTTP applications. Basically, S-HTTP attempts to make HTTP more secure. Whereas SSL is designed to establish a secure connection between two computers, S-HTTP is designed to send individual messages securely.

    However, you need to bear in mind that not all browsers and not all websites support S-HTTP. You know you are dealing with a supporting site when the URL starts with SHTTP. The use of this as part of an anchor tag indicates that the target server is S-HTTP capable. A message which uses S-HTTP may be:

    (i) Signed;

    (ii) Authenticated;

    (iii) Encrypted; and

    (iv) In any combination of the mentioned ways.


    (c) Virtual Private Networks (VPN)
    Virtual Private Networks (VPN) allow remote users to securely access internal networks via the Internet, using the Point-to-Point Tunneling Protocol (PPTP). Refer below to find out its meaning.

    Point-to-Point Tunneling Protocol is an encoding mechanism that allows one local network to connect to another using the Internet as the conduit.

    As shown in Figure 6.12, a remote user can dial into a local Internet Service Provider (ISP), and PPTP makes the connection from the ISP to the corporate network as if the user had dialled into the corporate network directly. The process of connecting one protocol (PPTP) through another Internet Protocol (IP) is called tunneling because PPTP creates a private connection by adding an invisible wrapper around a message to hide its content. As the message travels through the Internet between the ISP and the corporate network, it is shielded from prying eyes by PPTP's encrypted wrapper.

    Figure 6.12: Virtual private networks

    A virtual private network is "virtual" in the sense that it appears to users as a dedicated secured line, when in fact it is a temporary secure line. The primary use of VPNs is to establish secure communications among business partners (larger suppliers or customers). A dedicated connection to a business partner can be very expensive. Using the Internet and PPTP as the connection method significantly reduces the cost of secure communications.


    6.2.4 Protecting Network

    Once you have protected communications as well as possible, the next set of tools to consider are those that can protect your networks, and the servers and clients on those networks. The tools used for this purpose are:

    (a) Firewalls; and

    (b) Proxy servers.

    Firewalls and proxy servers are intended to build a wall around your network, and the attached servers and clients, just like physical world firewalls which protect you from fires for a limited period of time. Firewalls and proxy servers share some similar functions, but they are quite different as explained below:

    (a) Firewalls
    Firewalls are software applications that act as filters between a company's private network and the Internet as illustrated in Figure 6.13.

    Figure 6.13: Firewalls
    Source: http://www.barbardata.com/2009/11/design-of-a-computer-system/

    They prevent remote client machines from attaching to your internal network. Firewalls monitor and validate all incoming and outgoing communications. Every message that is to be sent or received from the network is processed by the firewall software, which determines if the message meets the security guidelines established by the business. If it does, it is permitted to be distributed. However, if it does not, the message is blocked.

    There are two major methods firewalls use to validate traffic:

    (i) Packet Filters
    Packet filters examine data packets to determine whether they are destined for a prohibited port, or originate from a prohibited IP address (as specified by the security administrator). The filter specifically looks at the source and destination information, as well as the port and packet type, when determining whether the information may be transmitted.

    One downside of the packet filtering method is that it is susceptible to spoofing, since authentication is not one of its roles.

    (ii) Application Gateways
    Application gateways are a type of firewall that filter communications based on the application being requested, rather than the source or destinations of the message. Such firewalls also process requests at the application level, farther away from the client computer than packet filters. By providing a central filtering point, application gateways provide greater security than packet filters, but can compromise on the performance of the system.
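    The packet-filter decision described in (i), and the spoofing weakness noted there, as an added example that is not part of the original module. The addresses, ports and rules are constructed for the illustration, and the extra ingress rule (dropping packets that arrive from outside while claiming an internal source address) is an assumption about how an administrator would close the gap.

```python
"""First-match packet filter with an anti-spoofing ingress rule (added illustration)."""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    iface: str      # interface the packet arrived on: "external" or "internal"
    src: str        # claimed source address (not authenticated)
    dst: str
    protocol: str   # packet type, e.g. "tcp" or "udp"
    dst_port: int


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "block"
    src_net: str = "0.0.0.0/0"
    dst_net: str = "0.0.0.0/0"
    protocol: str = "any"
    dst_port: Optional[int] = None  # None matches every port
    iface: str = "any"

    def matches(self, pkt):
        return (
            self.iface in ("any", pkt.iface)
            and self.protocol in ("any", pkt.protocol)
            and self.dst_port in (None, pkt.dst_port)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src_net)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst_net)
        )


def decide(rules, pkt):
    """Return the action of the first matching rule; block when nothing matches."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "block"


INTERNAL_NET = "10.1.0.0/16"  # constructed internal address range

# Header-only rules of the kind the text describes.
BASE_RULES = [
    Rule("block", src_net="198.51.100.0/24"),              # prohibited source range
    Rule("block", protocol="tcp", dst_port=23),            # prohibited port
    Rule("allow", src_net=INTERNAL_NET, dst_net=INTERNAL_NET,
         protocol="tcp", dst_port=5432),                   # internal hosts to database
    Rule("allow", dst_net="10.1.0.80/32", protocol="tcp", dst_port=443),  # public web server
]

# Same rules, preceded by an ingress check on where the packet actually arrived.
HARDENED_RULES = [Rule("block", src_net=INTERNAL_NET, iface="external")] + BASE_RULES

# Constructed sample packets.
WEB = Packet("external", "203.0.113.7", "10.1.0.80", "tcp", 443)
TELNET = Packet("external", "203.0.113.7", "10.1.0.80", "tcp", 23)
BANNED = Packet("external", "198.51.100.9", "10.1.0.80", "tcp", 443)
INTERNAL_DB = Packet("internal", "10.1.0.5", "10.1.0.20", "tcp", 5432)
SPOOFED_DB = Packet("external", "10.1.0.5", "10.1.0.20", "tcp", 5432)

if __name__ == "__main__":
    for name, pkt in [("web", WEB), ("telnet", TELNET), ("banned", BANNED),
                      ("internal db", INTERNAL_DB), ("spoofed db", SPOOFED_DB)]:
        print(f"{name:12} base={decide(BASE_RULES, pkt):5} hardened={decide(HARDENED_RULES, pkt)}")
```

    Under the base rules the spoofed packet is allowed because only its claimed source address is inspected; the hardened rule set blocks it while leaving the other four decisions unchanged.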

    (b) Proxy Servers
    What is a proxy server? Let us learn more on it by taking a look at the explanation provided below.

    Proxy servers (proxies) are software servers that handle all communications originating from or being sent to the Internet, acting as a spokesperson or bodyguard for the organisation.

    Proxies act primarily to limit access of internal clients to external Internet servers, although some proxy servers act as firewalls as well. Proxy servers are sometimes called dual-home systems because they have two network interfaces. To internal machines, a proxy server is known as the gateway, while to external machines it is known as a mail server or numeric address.

    How do the dual-home systems of proxy servers work? Let us look at Figure 6.14 which shows the processes involved in the system.


    Figure 6.14: The dual-home systems of proxy servers

    By prohibiting users from communicating directly with the Internet, companies can restrict access to certain types of sites, such as pornographic, auction, or stock-trading sites. Proxy servers also improve Web performance in the following ways:

    (i) Storing frequently requested web pages locally;

    (ii) Reducing upload times; and

    (iii) Hiding the internal network's address, thus making it more difficult for hackers to monitor.

    6.2.5 Protecting Servers and Clients

    Servers and clients can be further protected from certain types of attacks in the following ways:

    (a) Operating System Controls
    Computer operating systems typically have a built-in username and password requirement that provides a level of authentication. Some operating systems also have an access control function that automates user access (or more commonly denies access by clients) to various areas of the network.

    For instance, operating systems security can manage access to selected network paths so that only authorised personnel can obtain access to payroll information. Application software, including Microsoft Office and all server-side database packages, contains extensive security management features that can be used on networks and intranets to manage access to data files.

    (b) Anti-virus Software
    The easiest and least expensive way to prevent threats to system integrity is to install anti-virus software. Programmes by McAfee and Symantec provide inexpensive tools to identify and eradicate the most common types of viruses as they enter a computer, as well as destroy those already lurking on a hard drive.

    It is not enough, however, to simply install the software once. Since new viruses are being developed daily, routine updates are needed in order to prevent new threats from being loaded.

    (c) Intrusion Detection System
    These systems, which are more complex and expensive, work much like anti-virus software in that they look for recognised hacker tools or signature actions.

    Designed to trigger an alarm when such an action is noted, these systems must be monitored by staff members or intrusion-detection services in order to work properly. Sensors set up on a computer network will trigger hundreds of alarms, with only a very small percentage being a potential security threat. Regular monitoring and analysis help weed out the insignificant from the potentially harmful. Despite the extra work involved in eliminating false alarms, intrusion detection systems also serve as a first line of defence against hacker attacks.

    SELF-CHECK 6.2

    1. How do anti-virus programmes detect and identify a virus?

    2. What are the tools used to protect networks, servers and clients?


    You can visit the following websites to get more information on technologysolutions for e-commerce security:

    POLICIES AND PROCEDURES

    Most Chief Executive Officers (CEO) and Chief Information Officers (CIO) of

    existing e-commerce operations believe that technology is not the key issue inmanaging the risk of e-commerce. The technology provides a foundation, but inthe absence of intelligent management policies even the best technology can beeasily defeated. Public laws and active enforcement of cybercrime statutes arealso required to both raise the costs of illegal behaviour on the Internet and guardagainst corporate abuse of information. Let us consider briefly the developmentof management policy.

    6.3

    1. What is encryption?

    2. Give four different forms of encryption technology currently in use.

    3. Explain these two tools which are used to establish secure Internet communication channels:

    (a) SSL (Secure Sockets Layer)

    (b) S-HTTP (Secure Hypertext Transfer Protocol)

    EXERCISE 6.2

    (a) Encryption:

    http://tools.devshed.com/c/a/How-To/What-Is-Encryption-Technology/

    (b) Guide to intrusion detection and prevention systems:

    http://csrc.ncsl.nist.gov/publications/nistpubs/800-94/SP800-94.pdf

    (c) Articles on security topics:

    www.windowsecurity.com/

    6.3.1 A Security Plan: Management Policies

    In order to minimise security threats, e-commerce firms must develop a coherent corporate policy as shown in Figure 6.15. This policy takes into account the nature of the risks, the information assets that need protection, and the procedures and technologies required to address the risk, as well as the implementation and auditing mechanisms.

    Figure 6.15: Management e-commerce security plans

    (a) Risk Assessment

    A security plan begins with risk assessment, which is an assessment of the risks and points of vulnerability. The first step in addressing the risk is to inventory the information and knowledge assets of the e-commerce site and company. What information is at risk? Is it the customer information, proprietary designs, business activities, secret processes, or other internal information such as price schedules, executive compensation, or payroll? For each type of information asset, try to estimate the dollar value to the firm if this information were compromised and then multiply that amount by the probability of the loss occurring. Once you have done so, rank the results. You now have a list of information assets prioritised by their value to the firm.

    (b) Develop Security Policy

    Based on your quantified list of risks, you can start to develop a security policy (refer below).

    You will obviously want to start with the information assets that you determined to be the highest priority in your risk assessment.

    Below are questions that might guide you in developing the security policy:

    (i) Who generates and controls this information in the firm?

    (ii) What existing security policies are in place to protect the information?

    (iii) What enhancements can you recommend to improve security of these most valuable assets?

    (iv) What level of risk are you willing to accept for each of these assets?

    (v) Are you willing, for instance, to lose customer credit data once every ten years?

    (vi) Or will you pursue a hundred-year hurricane strategy by building a security edifice for credit card data that can withstand the once in a hundred-year disaster?

    You will need to estimate how much it will cost to achieve this level of acceptable risk. Remember, total and complete security may require extraordinary financial resources.

    (c) Implementation Plan

    An implementation plan is the action steps you will take to achieve the security plan's goals. Specifically, you must determine how you will translate the levels of acceptable risk into a set of tools, technologies, policies, and procedures. What new technologies will you deploy to achieve the goals, and what new employee procedures will be needed?

    To implement your plan, you will need a security organisational unit and a security officer. Let us look at the definitions provided for both of the terms.

    Security policy is a set of statements prioritising the information risks, identifying acceptable risk targets, and identifying the mechanisms for achieving these targets.

    The security organisation typically administers the following:

    (i) Access Controls

    Access controls determine which outsiders and insiders can gain legitimate access to your networks. Outsider access controls include firewalls and proxy servers, while insider access controls typically consist of login procedures (username, passwords and access codes).

    (ii) Authentication Procedures

    Authentication procedures include the use of digital signatures, certificates of authority, and public key infrastructure. Now that e-signatures have been given the same legal weight as an original pen-and-ink version of signature, companies are in the process of devising ways to test and confirm a signer's identity.

    Attaching a digital thumbprint and showing a live video image of the signer are two methods under consideration. Companies frequently have signers type their full name and click on a button indicating their understanding that they have just signed a contract or document.

    Biometric devices, which measure the biological or physical characteristics of an individual, are used along with digital signatures. These devices verify an individual's physical attributes such as a fingerprint or retina (eye) scan or speech recognition system.

    A company could require, for example, that an individual undergo a fingerprint scan before being allowed access to a website, or before being allowed to pay for merchandise with a credit card. Biometric devices make it even more difficult for hackers to break into sites or facilities, significantly reducing the opportunity for spoofing.

    Security officer is someone who is in charge of security on a daily basis. For a small e-commerce site, the security officer will likely be the person in charge of the Internet services or the site manager; whereas for larger firms, there typically is a dedicated team with a supporting budget.

    The security organisation educates and trains the users, keeps management aware of security threats and breakdowns and maintains the tools chosen to implement the security.

    (iii) Authorisation Policies

    Let us look below at the two terms related to authorisation.

    Although there are several authorisation management products currently available, most operate in the same way. The system encrypts a user session to function like a passkey that follows the user from page to page, allowing access only to those areas that the user is permitted to enter, based on information set at the management system, which knows who is permitted to go where at all times.
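    The passkey idea described above, as an added example that is not part of the original text: a session token lists the areas a user may enter and is checked on every page request. It protects the token with an HMAC signature rather than encryption, and the key, area names and function names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json
import time

# Assumption: a server-side secret; a real site would load it from a secrets store.
SERVER_KEY = b"constructed-demo-key-not-for-production"


def issue_passkey(user, areas, ttl=900, now=None):
    """Create a signed session token listing the areas the user may enter."""
    now = time.time() if now is None else now
    body = json.dumps({"user": user, "areas": sorted(areas), "exp": now + ttl},
                      separators=(",", ":")).encode()
    payload = base64.urlsafe_b64encode(body)
    tag = hmac.new(SERVER_KEY, payload, hashlib.sha256).hexdigest()
    return payload.decode() + "." + tag


def check_access(passkey, path, now=None):
    """Return True only if the token is authentic, unexpired and covers path."""
    now = time.time() if now is None else now
    try:
        payload, tag = passkey.rsplit(".", 1)
        expected = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()
        # Constant-time comparison: any token altered by the client is rejected.
        if not hmac.compare_digest(tag, expected):
            return False
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except (ValueError, TypeError):
        return False
    if now >= claims["exp"]:
        return False
    # Match whole path segments so "/orders" does not also grant "/orders-admin".
    return any(path == a or path.startswith(a.rstrip("/") + "/")
               for a in claims["areas"])
```

    Because the permitted areas travel inside the signed token, a user who edits the list invalidates the signature and loses access altogether.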

    (d) Security Audit

    The last step in developing an e-commerce security plan is performing a security audit (refer below).

    Tiger teams are often used by large corporate sites to evaluate the strength of existing security procedures.

    Before we move further, what is a tiger team? Does the team have any similar characteristic to the real black striped orange-reddish coloured animal?

    Authorisation policies determine differing levels of access to information assets for differing levels of users.

    Authorisation management systems establish where and when a user is permitted to access certain parts of a website. Their primary function is to restrict access to private information within a company's Internet infrastructure.

    A security audit involves routine reviews of access logs to identify how outsiders are using the site as well as how insiders are accessing the site's assets. A monthly report should be produced that establishes the routine and non-routine accesses to the systems and identifies unusual
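    One way to produce the monthly report described above, as an added example that is not part of the original text. The log format, the internal address range, the account names and the rule that "routine" means an account and asset pair already seen last month are all assumptions, and the log lines are constructed.

```python
import ipaddress
from collections import Counter

# Assumption: staff connect from this internal range; any other source is an outsider.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")

# Constructed sample logs: timestamp, source IP, account, path, HTTP status.
BASELINE = """\
2019-06-03T09:14:02 10.0.4.17 jlim /orders/list 200
2019-06-04T10:02:51 10.0.4.22 asiti /payroll/export 200
2019-06-05T14:40:10 203.0.113.9 cust881 /account/view 200
"""
CURRENT = """\
2019-07-02T09:20:11 10.0.4.17 jlim /orders/list 200
2019-07-09T02:47:33 10.0.4.17 jlim /payroll/export 200
2019-07-11T15:05:42 203.0.113.9 cust881 /account/view 200
2019-07-15T03:12:08 198.51.100.44 - /admin/login 401
2019-07-15T03:12:09 198.51.100.44 - /admin/login 401
2019-07-15T03:12:11 198.51.100.44 - /admin/login 401
"""


def parse(log):
    """Yield one tuple per log line."""
    for line in log.splitlines():
        ts, ip, user, path, status = line.split()
        yield ts, ipaddress.ip_address(ip), user, path, int(status)


def monthly_report(baseline_log, current_log, fail_threshold=3):
    """Split this month's accesses into routine and non-routine ones."""
    known = {(user, path) for _, _, user, path, _ in parse(baseline_log)}
    report = {"routine": 0, "non_routine": [], "failed_sources": []}
    failures = Counter()
    for ts, ip, user, path, status in parse(current_log):
        origin = "insider" if ip in INTERNAL_NET else "outsider"
        if status in (401, 403):
            failures[str(ip)] += 1      # denied requests are counted per source
        elif (user, path) in known:
            report["routine"] += 1      # same account and asset as last month
        else:
            report["non_routine"].append((ts, origin, user, path))
    report["failed_sources"] = sorted(
        ip for ip, n in failures.items() if n >= fail_threshold)
    return report
```

    On the sample data the report singles out an insider account reaching the payroll export for the first time and one outside address with repeated denied logins, while the two accesses that match last month's pattern are only counted.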

    6.3.2 CyberSecurity Malaysia

    CyberSecurity Malaysia, which was established in 1997, is a national cyber security body under the Ministry of Science, Technology and Innovation (MOSTI). It includes various units and provides services for Internet users and organisations in the field of cyber security. For example, Cyber999 Help Centre deals with the detection, interpretation and response to computer security incidents. It also provides safety tips, advisories and specialised services such as Digital Forensics and wireless security. It also runs a training centre for professional certification.

    Visit the following websites for more information on organisations that promote computer security:

    A tiger team is a group whose sole job activity is attempting to break into a site and stopping just short of actually making any unauthorised changes to the site. Many small firms have sprung up in the last five years to provide these services to large corporate sites.

    Imagine you are the owner of an e-commerce website. What are some of the signs that your site has been hacked?

    ACTIVITY 6.2

    1. Identify and discuss the five steps in developing an e-commerce security plan.

    2. How do biometric devices help to improve the security?

    EXERCISE 6.3

    E-commerce is vulnerable to a wide range of security threats. Attacks against e-commerce systems can disclose or manipulate proprietary information. Threats to commerce can occur anywhere in the commerce chain, beginning with a client computer and ending with the computers in the website architecture.

    Communication channels, in general, and the Internet, in particular, are especially vulnerable to attacks.

    The key dimensions of e-commerce security are: integrity, non-repudiation, authenticity, confidentiality, privacy and availability.

    The seven most common and most damaging forms of security threat to e-commerce sites include: malicious code, hacking and cyber-vandalism, credit card fraud/theft, spoofing, denial of service attacks and sniffing.

    The different forms of encryption technology help to protect the security of messages sent over the Internet: symmetric key encryption, public key cryptography, digital envelope, and digital certificates and public key infrastructure.

    In addition to encryption, there are several other tools that are used to secure Internet channels of communication, including: SSL, S-HTTP, and VPN.

    After communication channels are secured, tools to protect networks, servers and clients should be implemented, including: firewalls, proxies, operating system controls and anti-virus software.

    (a) CyberSecurity Malaysia:

    http://www.cybersecurity.my

    (b) Computer Emergency Response Team:

    http://www.cert.org

    (c) SANS Institute:

    http://www.sans.org/

    (d) Center for Education and Research in Information Assurance and Security:

    http://www.cerias.purdue.edu/

    The technology itself is not the key issue in managing the risk of e-commerce; public laws and active enforcement of cybercrime statutes are also required to both raise the costs of illegal behaviour on the Internet and guard against corporate abuse of information.

    Antivirus software

    Cipher

    Credit card fraud

    Cyber vandalism

    Denial of service

    Digital certificate

    Digital envelope

    Digital signature

    Distributed denial of service

    Encryption

    Firewalls

    Hacking

    Hash function

    Identity theft

    Insider jobs

    Intrusion detection system

    Malicious code

    Operating system controls

    Phishing

    Point-to-point tunnelling protocol

    Proxy servers

    Secure hypertext transfer protocol

    Secure sockets layer

    Sniffing

    Spam websites

    Spoofing

    Unwanted programme

    Virtual private networks