Online and

Payment Security
Describir cómo la tecnología ayuda a
proteger la seguridad de los mensajes
enviados a través de Internet.

 ENCRYPTED Encryption is the process of transforming text or simple data• into encrypted
text that cannot be read by anyone other than the sender and receiver. The purpose of
encryption is:
 Securing stored information
 Ensure the transmission of information.
Four of the six key dimensions of security

 Message Integrity!: Ensures that the message has not been altered.
 Non-roconcing: Prevents the user from denying that he or she sent the message.
 Authentication: Verify the Identity of the person (or computer) sending the message.
 Confidentiality: Ensures that the message has not been read by others.
Public key cryptography

 In the simplest use of public key

cryptography, the sender encrypts a
message using the recipient's public key
and sends it over the internet The only
person who can decrypt this message is
the recipient using his private key.
Public key encryption via digital signatures
and hash summaries

 To check the Integrity of a message and

ensure that it has not been tampered with
along the way, a hash function is first used
to create a summary of the message.
 One more step is required. To ensure
message authenticity and recognition,
the sender once again encrypts the entire
encrypted text block using its private key.
This produces a digital signature.
Identificar las herramientas utilizadas para establecer
canales de comunicaciones seguros en Internet, y proteger
redes, servidores y clientes

 Capa de Soquets Seguros (SSL) y Seguridad de la Capa de Transporte (TLS)

 The most common way to secure channels is through Soquets layer protocols; Secure (SSL)
and Transport Layer Security (TLS).
 When you receive a message on the web from a server with which you are going to
communicate through a secure channel
 This means that you will use SSL and TLS to establish a secure negotiated session (note that
the URL changes from HTTP to HTTPS).
Secure negotiated session

 Client-server session in which the URL of

the requested document, as well as the
content, content of forms and cookies
exchanged are encrypted.
Virtual Private Networks (VPNs)

 It allows remote users to securely access the corporation's local area network to internet
users using Point-to-Point Tune Protocol (PPTP).
Firewalls

 Hardware and software that

filters communication packets
and prevents certain packets
from entering the network based
on a security policy
PROTECTION OF SERVERS AND CUSTOMERS

Operating system features and antivirus software can help

further protect servers and clients from certain types of
attacks

The most obvious way to protect servers and customers is

to take advantage of automatic computer security
updates from Microsoft and Apple.
Software antivirus

 Antivirus software is a computer

program that detects, prevents, and
takes steps to disarm or remove
malicious software programs, such as
viruses and worms.
 A SECURITY PLAN: ADMINISTRATIVE
POLICIES

 To minimize security, ecommerce

companies must develop a
coherent corporate policy that
takes into account the nature of
the risks, information resources
they need protection, and
procedures and technology
required to counter the risk as
much as the mechanisms