
Chapter 11

E-Commerce Security

© 2008 Pearson Prentice Hall, Electronic Commerce 2008, Efraim Turban, et al.

Internet Banking Security Problems

11-2
Threats and Attacks
• nontechnical attack (Phishing)

11-3
Internet Banking Security Problems

11-4
Threats and Attacks
• technical attack
  - Malware
    A generic term for malicious software
  - Virus
  - Worms
  - Trojan
  - Spam
  - Hijacking

11-5
Securing E-Commerce Communications
• access control (authentication & authorization)
  Mechanism that determines who can legitimately use a network resource
• passive token
  Storage device (e.g., magnetic strip) that contains a secret code
• active token
  Small, stand-alone electronic device that generates one-time passwords

11-6
Securing E-Commerce Communications
• biometric systems
  Authentication systems that identify a person by measurement of a biological characteristic, such as fingerprints, iris (eye) patterns, facial features, or voice
• encryption
  The process of scrambling (encrypting) a message in such a way that it is difficult or time-consuming for an unauthorized person to unscramble (decrypt) it

11-7
Securing E-Commerce Communications
• plaintext
  An unencrypted message in human-readable form

  Example: 1234567812345670

• ciphertext
  A plaintext message after it has been encrypted into a machine-readable form

  Example: 0x96a45cbcf9c2a9425cde9e274948cb67

11-8
Securing E-Commerce Communications
• Secure Socket Layer (SSL)
  Protocol that utilizes standard certificates for authentication and data encryption to ensure privacy or confidentiality
• Transport Layer Security (TLS)
  As of 1996, another name for the SSL protocol

11-9
Securing E-Commerce Networks
• FIREWALLS
  - firewall
    A single point between two or more networks where all traffic must pass (choke point); the device authenticates, controls, and logs all traffic

11-10
Securing E-Commerce Networks
• Firewalls can be designed to protect against:
  - Remote login
  - Macros
  - Viruses
  - Spam

11-11
Securing E-Commerce Networks

11-12
Securing E-Commerce Networks

• Disaster Recovery Planning

Data and hardware backup in the network

11-13
