E-commerce Security Environment
• Symantec: over 50 attacks a day overall against business firms between July 2004 and June 2005
• 2005 Computer Security Institute survey
– 56% of respondents had detected breaches of computer security within the last 12 months, and 91% of these suffered financial loss as a result
– Over 35% experienced denial of service attacks, and over 75% detected virus attacks

Good E-commerce Security

Dimensions of E-commerce Security
• Integrity: the ability to ensure that information being displayed on a web site, or transmitted or received over the Internet, has not been altered in any way by an unauthorized party
• Non-repudiation: the ability to ensure that e-commerce participants cannot deny their online actions
• Confidentiality: the ability to ensure that messages and data are available only to those who are authorized to see them

Dimensions of E-commerce Security
• Authenticity: the ability to verify the identity of the person or entity you are dealing with on the Internet
• Privacy: the ability to control the use of the information a customer provides about himself or herself to an e-commerce merchant
• Availability: the ability to ensure that an e-commerce site continues to function as intended

Tension: Security vs. Other Values
• Security adds overhead and expense to businesses
• There is tension between security and ease of use
– The more security features are added to a system, the more difficult it is to use and the slower the site becomes
• Security vs. the desire of individuals to act anonymously

Security Threats
• Three key points of vulnerability, from the technology perspective, are:
– The client
– The server
– The communications pipeline
• Different types of security threats can occur at any of them:
– Malicious code, phishing, hacking and cybervandalism, credit card fraud/theft, spoofing, denial of service, sniffing, insider jobs, and poorly designed software

Malicious code / malware
• Virus: a computer program that has the ability to replicate, or make copies of itself, and spread to other files
• The most common are macro viruses, which are application specific
– They affect the application by copying themselves into a template, so every new document created from it is infected
• File-infecting viruses usually infect program files
– (.com, .exe, .drv, .dll files)

Malicious code / malware
• Script viruses are written in scripting languages such as VBScript or JavaScript
– Similar threats exist with applets and ActiveX controls
• Worm: malware designed to spread from computer to computer
– A worm does not need to be activated by a user in order to replicate itself
• Trojan horse: appears to be harmless, but then does something other than expected

Impact of Malware
• Server-level malicious code attacks can bring down an entire web site
– At the client, the damage is limited to a single computer
• Malware is a threat to integrity and continued operations, since it often changes how a system functions or alters documents created on the system
• In some cases the user is unaware of the attack, giving it time to damage systems

Hacking and Cybervandalism
• Hacker: an individual who intends to gain unauthorized access to a computer system
– Cracker: a hacker with criminal intent
• Many are motivated simply by the challenge of breaking into corporate and government web sites
• Some have malicious intentions and commit cybervandalism

Phishing
• Any deceptive online attempt by a third party to obtain confidential information for financial gain
– Most popular type: the e-mail scam letter
– One of the fastest-growing forms of e-commerce crime
• Threatens: privacy, confidentiality
• Poorly designed server and client software: the increase in the complexity of software programs has contributed to an increase in vulnerabilities

Types of Hackers
• Tiger team: a group of hackers employed by corporate security departments to test their own security measures
• White hats: "good" hackers who help organizations locate and fix security flaws
• Black hats: hackers who act with the intention of causing harm or revealing confidential information
• Gray hats: hackers who break into systems uninvited and then reveal the flaws they find

Credit card fraud
• Theft of credit card data is one of the most feared occurrences in e-commerce, and that fear deters users from making online purchases
• Credit card files are a major target of web site hackers
• E-commerce sites are a rich source of personal information
– Name, address, credit card number, etc.
– Criminals can assume a new identity using this personal information

Spoofing (pharming)
• Misrepresenting oneself by using fake e-mail addresses or masquerading (pretending to be) someone else
– Can also involve site masquerading (pharming): a fake site posing as the genuine one
• Threatens the integrity of a site by stealing business from the true site or altering orders
– Also threatens authenticity by making it difficult to distinguish the true sender of a message

Denial of Service Attacks
• Denial of Service (DoS) attack: flooding a web site with useless traffic to inundate and overwhelm the network
– Distributed DoS (DDoS): when the attack comes from numerous points at once
• DoS attacks may cause a network to shut down, making it impossible for users to access the site
– Threatens the system's continuing operations (availability)

Sniffing
• A type of eavesdropping program that monitors information traveling over a network
– Used legitimately by administrators to identify potential network trouble spots
• Sniffers enable hackers to steal proprietary information from anywhere on the network
• The threat of sniffing: confidential or personal information will be made public

Insider Jobs
• The largest financial threat to business institutions comes from theft by insiders
• For e-commerce, some of the largest disruptions of service, destruction of sites, and diversions of customer credit data and personal information have come from insiders
– Employees have access to privileged information, and roaming through a secured system is easier for an employee than for an outsider

Tools available to achieve site security

Encryption
• The process of transforming plain text or data into cipher text that cannot be read by anyone other than the sender and the intended receiver
– Cipher: the method (algorithm) used to transform plain text into cipher text
– Key: the secret value the cipher is parameterized with; the same cipher produces different cipher text under different keys, and only the holder of the key can reverse the transformation

Figure: Plain text --[Encrypt with key]--> Cipher text (e.g. A@%5UO)#) --[Decrypt with key]--> Plain text

• Purpose of encryption
– To secure stored information
– To secure information in transmission

Encryption & security dimensions
• Message integrity: provides assurance that the message has not been altered
• Non-repudiation: prevents a user from denying having sent a message
• Authentication: provides verification of the identity of the person sending the message
• Confidentiality: gives assurance that the message was not read by others

Classic Encryptions
• Encryption has been practiced since early times; Egyptian and Phoenician commercial records show its use about 2000 years ago
• Substitution cipher: every occurrence of a given letter is replaced systematically by another letter
– e.g. substituting the letter of the alphabet n places ahead of the current letter (with n = 2, "Hello" becomes "Jgnnq")

Classic Encryptions
• Transposition cipher: the ordering of the letters in each word is changed in some systematic way
– ("Hello" becomes "Olleh")
• In double transposition, the plaintext is first written into an array of a given size; the rows and then the columns are reordered according to specified permutations
– The key consists of the size of the matrix together with the row and column permutations
Figure (double transposition of "CRYPTO" in a 2 x 3 array):
  Plaintext written row by row:                    C R Y / P T O
  Rows swapped (row permutation):                  P T O / C R Y
  Last column moved to the front (column permutation 3,1,2):  O P T / Y C R
  Ciphertext read row by row:                      OPTYCR

Classic Encryptions
• A more complicated cipher:
– Break each word into two pieces
– Spell the first piece with every other letter of the word, beginning with its first letter
– Spell the second piece with all the remaining letters
– Example: Hello ---> Hel lo ---> HLO EL
• Problem: computers are so powerful and fast that these ancient ciphers can be broken quickly; a shift cipher has only 25 possible keys, and a double transposition of a small array only a few dozen

Symmetric Key Encryption
• Symmetric key encryption (secret key encryption): both the sender and the receiver use the same key to encrypt and decrypt the message
– Both parties must share the key through some secure medium
• Problems
– The key may be stolen
– In commercial use, you would need a separate secret key for each party you transact with

Digital Encryption Systems
• Modern encryption systems are digital: the plain text and the key are both bit strings, and the cipher combines them mathematically
– e.g. combining each block of message bits with the key bits
• The more bits in the key, the stronger the encryption, other things being equal
– An 8-bit key has only 256 possible values, which a computer can try in an instant
• Modern digital encryption systems use keys of 56, 128, 256 or 512 bits
– Key lengths are only comparable within the same kind of cipher: a 128-bit symmetric key is far stronger than a 512-bit public key

Digital Encryption Systems example
• Data Encryption Standard (DES): for a long time the most widely used symmetric key cipher, developed by IBM with the National Security Agency, using a 56-bit key
– A 56-bit key space is small enough to be searched exhaustively by modern hardware
– Triple DES: encrypting the message three times, to cope with faster computers
– Both have since been superseded by AES, which uses 128-, 192- or 256-bit keys

Public Key Encryption
• Two mathematically related digital keys are used:
– A public key, which is widely disseminated
– A private key, which is kept secret by the owner
• Either key can be used to encrypt a message
– Whatever one key of the pair encrypts, only the other key can decrypt: the key used to encrypt cannot decrypt its own output
– Relies on one-way functions

One way functions
• Public key cryptography is based on the idea of irreversible mathematical functions.
One way functions
• One-way function: a function that is easy to compute but whose input cannot practically be derived from its output, much as a finished dish cannot be turned back into the recipe's ingredients
– When keys are long enough (thousands of bits for RSA), it is computationally infeasible to derive the private key from the public key

Public Key Cryptography - A Simple Case
• The sender encrypts the message with the recipient's public key; only the recipient's private key can decrypt it

Issues of the simple case
• Message confidentiality is assured
• But the recipient cannot be sure who sent the message, since the recipient's public key is available to everyone
• The sender can deny sending the message (repudiation)
• There is no guarantee that the message was not altered in transit (lack of integrity)

Public Key Cryptography with Digital Signatures
• Hash function: an algorithm that produces a fixed-length number called a hash or message digest
• Digital signature: the message digest encrypted with the sender's private key, sent over the Internet together with the message
– It is unique to the sender, because the private key is possessed by only one person
• The recipient applies the same hash function to the received message and checks that the result matches the digest recovered from the signature

Issues of the Digital Signature
• The sender hashes the message and encrypts the digest with the sender's own private key; the result is the digital signature
• The message and its signature are then encrypted together with the recipient's public key, so that only the recipient can read them
• Integrity is ensured by the hash function, and the digital signature ensures authenticity and hence non-repudiation
– Provided the public key is bound to the sender's identity, which is the job of a digital certificate

Creating a Digital Envelope
• Digital envelope: a technique that uses symmetric encryption for large documents, but public key encryption to encrypt and send the symmetric key
– This improves performance compared with applying public key encryption and a digital signature to the whole of a large document
– The symmetric key is shared through the more secure means of public key cryptography

Creating a Digital Envelope
• The document is encrypted using a symmetric key
• The symmetric key itself is encrypted using the recipient's public key: a key within a key = digital envelope
• The recipient first uses his private key to decrypt the symmetric key
• Then the recipient uses the symmetric key to decrypt the document

Digital Certificates and Public Key Infrastructure (PKI)
• Digital certificate: a digital document issued by a certification authority (CA) that binds a public key to the identity of its owner
• Public Key Infrastructure (PKI): the certification authorities and digital certificate procedures that are accepted by all parties

To create a digital Certificate
• The user generates a public/private key pair and sends a certification request containing the public key to a CA
• The CA issues a certificate containing the user's public key and other related information (owner's name, serial number, expiry date)
• The CA creates a message digest of the certificate itself and signs it with the CA's private key
– The certificate carrying this signed digest is called a signed certificate
• A customer can request the merchant's signed certificate and check the signature with the CA's public key (not the merchant's): decrypting the signed digest and comparing it with a fresh digest of the certificate confirms that the public key inside really belongs to the merchant

Securing Channels of Communications
• Secure Sockets Layer (SSL), now superseded by Transport Layer Security (TLS), is the most common way of securing channels
• Establishes a secure negotiated session: a client-server session in which the URL of the requested document, its contents, the contents of forms, and the cookies exchanged are all encrypted
• Uses a session key: a unique symmetric key chosen for a single secure session
• Created after a number of exchanges (the handshake)
– Involves identification, exchange of certificates, and negotiation of the strongest form of encryption both sides support

Securing Channels of Communications
• SSL/TLS provides data encryption, server authentication, optional client authentication and message integrity for TCP/IP connections
• S-HTTP: a secure message-oriented communication protocol designed for use in conjunction with HTTP
– Designed to secure each message individually
– Cannot be used for non-HTTP messages
– It was never widely adopted; TLS became the standard
• Virtual Private Networks (VPNs): allow remote users to securely access internal networks via the Internet, for example using the Point-to-Point Tunneling Protocol (PPTP)

Point-to-Point Tunneling Protocol
• PPTP: a tunneling protocol that allows one local network to connect to another using the Internet as a conduit
• A remote user dials in to a local ISP
• PPTP makes the connection from the ISP to the corporate network, as if the user had dialed in to the corporate network directly
• PPTP creates a private connection by wrapping each message in an outer packet that hides its content
• Carrying one protocol (such as PPTP) inside another (such as IP) is called tunneling
– Caveat: PPTP's MS-CHAPv2 authentication and RC4-based encryption are known to be weak, and it has been deprecated in favour of IPsec or TLS-based VPNs

Protecting Networks
• Firewalls and proxy servers are used
• Firewalls are hardware devices or software applications that act as a filter between a company's private network and the Internet
– Prevent remote client machines from attaching to your internal network
– Monitor and validate all incoming and outgoing communications
• Two methods used by firewalls for filtering:
– Packet filtering: each packet's source and destination address, protocol and port are checked against a list of rules
– Application filtering: the content of the application-level traffic (for example an HTTP request) is inspected

Firewalls

Proxy Server
• A software server that handles all communications originating from or being sent to the Internet
– Acts as a spokesperson or bodyguard for the organization
– Primarily meant to limit the access of internal clients to external Internet servers
• Also called a dual-homed system because it has two network interfaces:
– To internal computers the proxy server is known as the gateway
– To external machines it appears as the mail server or as a numeric address

Proxy Servers

Protecting Servers and Clients
• Operating system controls provide authentication of users and access controls on files, directories, and network paths
• Anti-virus software is the easiest and least expensive way to prevent threats to system integrity
– Destroys the most common types of viruses as they enter a computer or are read from the hard disk
– Needs to be updated routinely, since it only recognizes viruses it already knows about
• Intrusion detection systems: monitor hosts and network traffic and trigger alarms when they sense patterns that look like hacker attacks
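Returning to the digital signature, digital envelope and digital certificate steps above, here is an added end-to-end worked example in Python. It is not code from the original slides. Textbook RSA over primes generated in the example stands in for the public-key cipher, and a SHA-256 counter keystream stands in for the symmetric cipher, so that it runs with the standard library alone; the key sizes, the JSON encoding of the envelope and certificate, and the names "shop.example" and "Example CA" are the example's own assumptions. It is an illustration of the flows, not a usable crypto library: real systems use padded RSA or ECDSA, AES-GCM and X.509 through a vetted library.

```python
"""Added worked example (not from the original slides) of the digital signature,
digital envelope and certificate flows. Textbook RSA over primes generated here
plus a SHA-256 counter keystream stand in for real primitives. Illustration only:
production code uses padded RSA/ECDSA, AES-GCM and X.509 via a vetted library."""
import hashlib
import json
import secrets
from dataclasses import dataclass


def is_probable_prime(n: int, rounds: int = 20) -> bool:
    """Miller-Rabin probabilistic primality test."""
    if n < 2 or n % 2 == 0:
        return n == 2
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    while True:  # force the top bit (full length) and the low bit (odd)
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


@dataclass(frozen=True)
class KeyPair:
    n: int
    e: int
    d: int  # private exponent: never leaves its owner

    @property
    def public(self) -> tuple:
        return (self.n, self.e)


def generate_keypair(bits: int = 512) -> KeyPair:
    e = 65537
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:  # e is prime, so this guarantees gcd(e, phi) == 1
            return KeyPair(p * q, e, pow(e, -1, phi))


def digest(data: bytes) -> int:
    """Fixed-length message digest, as an integer so RSA can operate on it."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(message: bytes, signer: KeyPair) -> int:
    """Digital signature: the digest encrypted with the SENDER's private key."""
    return pow(digest(message), signer.d, signer.n)


def verify(message: bytes, signature: int, signer_public: tuple) -> bool:
    """Recover the digest with the signer's public key; compare with a fresh hash."""
    n, e = signer_public
    return pow(signature, e, n) == digest(message)


def stream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream (self-inverse)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], block))
    return bytes(out)


def seal(message: bytes, sender: KeyPair, recipient_public: tuple) -> dict:
    """Digital envelope: sign, encrypt message+signature under a fresh symmetric
    key, and wrap that key with the RECIPIENT's public key."""
    sym_key = secrets.token_bytes(16)
    body = json.dumps({"msg": message.hex(), "sig": sign(message, sender)}).encode()
    n, e = recipient_public
    return {"wrapped_key": pow(int.from_bytes(sym_key, "big"), e, n),
            "body": stream_xor(sym_key, body).hex()}


def open_envelope(env: dict, recipient: KeyPair, sender_public: tuple):
    """Recipient's private key unwraps the symmetric key, which decrypts the body;
    the sender's public key then checks the signature. Returns (message, ok)."""
    sym_key = pow(env["wrapped_key"], recipient.d, recipient.n).to_bytes(16, "big")
    body = json.loads(stream_xor(sym_key, bytes.fromhex(env["body"])))
    message = bytes.fromhex(body["msg"])
    return message, verify(message, body["sig"], sender_public)


def issue_certificate(subject: str, subject_public: tuple, ca: KeyPair) -> dict:
    """The CA hashes the certificate body and signs it with the CA's private key."""
    body = {"subject": subject, "issuer": "Example CA",
            "n": subject_public[0], "e": subject_public[1]}
    return {"body": body, "ca_sig": sign(json.dumps(body, sort_keys=True).encode(), ca)}


def verify_certificate(cert: dict, ca_public: tuple) -> bool:
    """Verified with the CA's public key, not the subject's; only then is the
    public key inside trusted to belong to the named subject."""
    return verify(json.dumps(cert["body"], sort_keys=True).encode(), cert["ca_sig"], ca_public)
```

A customer would call `verify_certificate` on the merchant's certificate with the CA's public key, take the merchant's public key from the certificate body, and only then `seal` an order to it; the merchant opens the envelope with its private key and verifies the customer's signature. Changing a single byte of the message after signing makes `verify` return False, which is the integrity guarantee the slides describe.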
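The packet-filtering method described under "Protecting Networks" above, as an added example in Python that is not part of the original slides: a minimal stateless filter in which rules are tried in order, the first matching rule decides, and a packet no rule permits is dropped (default deny). The internal address range, the protected web server address and the sample packets are constructed for illustration.

```python
"""Added example (not from the slides): a stateless packet filter of the kind a
firewall's packet-filtering mode implements. First match wins; default deny.
Addresses, rules and sample packets are made up for illustration."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    proto: str      # "tcp" or "udp"
    src: str
    dst: str
    dport: int      # destination port
    inbound: bool   # True if arriving from the Internet side


@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "deny"
    proto: Optional[str] = None   # None matches any protocol
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None   # None matches any port
    inbound: Optional[bool] = None

    def matches(self, p: Packet) -> bool:
        return ((self.proto is None or self.proto == p.proto)
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport)
                and (self.inbound is None or self.inbound == p.inbound))


INTERNAL = "10.0.0.0/8"          # assumed private address range
WEB_SERVER = "10.0.5.20/32"      # assumed public-facing web server

# Order matters: the first matching rule decides.
RULES: List[Rule] = [
    # Anti-spoofing: a packet claiming an internal source cannot arrive from outside.
    Rule("deny", src=INTERNAL, inbound=True),
    # Only HTTPS and HTTP to the web server are reachable from the Internet.
    Rule("allow", proto="tcp", dst=WEB_SERVER, dport=443, inbound=True),
    Rule("allow", proto="tcp", dst=WEB_SERVER, dport=80, inbound=True),
    # Internal clients may initiate connections outward.
    Rule("allow", src=INTERNAL, inbound=False),
]


def decide(p: Packet, rules: List[Rule] = RULES) -> str:
    """Return the action for one packet; anything not explicitly allowed is denied."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"


def audit(packets: List[Packet], rules: List[Rule] = RULES) -> List[str]:
    """Decisions for a batch of packets, e.g. to review a rule set against sample traffic."""
    return [decide(p, rules) for p in packets]
```

The anti-spoofing rule has to come first: if the outbound "allow" for internal sources were evaluated before it, a forged packet with an internal source address arriving from the Internet would still be dropped only because of the `inbound` field, so the ordering is what makes the intent explicit. Application filtering, the slides' second method, would additionally look inside the allowed port-443 traffic, which a packet filter like this cannot do.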