Chapter 11 E-Commerce Security
Tamkang University, Department of Information Management, 侯永昌
Learning Objectives
1. The current state of, and trends in, computer and network security
2. The information-security issues that arise in e-commerce
3. Common forms of network attack
4. Common misconceptions in security management
5. Technologies commonly used to secure e-commerce data communications
6. Technologies commonly used to secure e-commerce web sites
2005 CSI/FBI Survey Report (I)
Nearly 50% of enterprises had experienced insider abuse of net access
More than 30% had experienced unauthorized access to information by insiders, and more than 30% had suffered denial-of-service (DoS) attacks
Around 15% had experienced abuse of wireless networks, and around 15% had suffered system penetration by outsiders
Around 10% had experienced financial and telecom fraud, and around 10% had suffered theft of proprietary information by outsiders
Other forms of crime, such as sabotage of files, each accounted for a smaller share, around 5%
2005 CSI/FBI Survey Report (II)
The economic losses these enterprises suffered from computer-crime attacks came to roughly US$130 million, of which
Computer viruses (about US$43 million), unauthorized access to information by insiders (about US$31 million) and theft of proprietary information by outsiders (about US$31 million)
were the three largest, together about 81% of the total. The next largest were
Denial-of-service attacks (about US$7.3 million) and insider abuse of net access (about US$6.9 million)
Losses from the remaining categories were smaller, about US$10 million in total
2005 CSI/FBI Survey Report (III)
In the same report, 72% of respondents said they had suffered a computer-crime attack in the past year, yet, interestingly, the proportion of computer crimes reported to law enforcement fell steadily from 38% in 2001 to 20% in 2005
Why do so many victims prefer to suffer in silence and arrange their own remedies afterwards rather than make the incident public? The top four answers were:
Concern about negative publicity for the company's image (43%)
Concern that competitors would use the incident against them (33%)
A feeling that law enforcement does not take computer crime seriously (it gives more attention to conventional crime) (16%)
Concern about causing public unease (16%)
2005 CSI/FBI Survey Report (IV)
Security solutions in use:
Antivirus software (100%)
Firewalls (100%)
Physical security, i.e. controlling physical access to servers (90%)
Encrypted files and transmissions (65~70%)
Access control lists (65~70%)
Intrusion detection (65~70%)
The Continuing Need for E-Commerce Security
Computer Security Institute (CSI): nonprofit organization located in San Francisco, CA, dedicated to serving and training information, computer, and network security professionals
Computer Emergency Response Team (CERT): group of three teams at Carnegie Mellon University that monitor the incidence of cyber attacks, analyze vulnerabilities, and provide guidance on protecting against attacks
National Cyber Security Division (NCSD): a division of the DHS (Department of Homeland Security) charged with implementing U.S. cyberspace security strategy
Security Is Everyone's Business
The DHS (Department of Homeland Security) strategy includes five national priorities:
1. A national cyberspace security response system
2. A national cyberspace security threat and vulnerability reduction program
3. A national cyberspace security awareness and training program
4. Securing governments' cyberspace
5. National security and international security cooperation
Security Is Everyone's Business
Accomplishing these priorities requires concerted effort at five levels:
Level 1: The Home User/Small Business
Level 2: Large Enterprises
Level 3: Critical Sectors/Infrastructure
Level 4: National Issues and Vulnerabilities
Level 5: Global
What Kinds of Security Questions Arise?
From the user's perspective:
How can the user be sure that the Web server is owned and operated by a legitimate company?
How does the user know that the Web page and form do not contain some malicious or dangerous code or content?
How does the user know that the owner of the Web site will not distribute the information the user provides to some other party?
What Kinds of Security Questions Arise?
From the company's perspective:
How does the company know the user will not attempt to break into the Web server or alter the pages and content at the site?
How does the company know that the user will not try to disrupt the server so that it is not available to others?
What Kinds of Security Questions Arise?
From both parties' perspectives:
How do both parties know that the network connection is free from eavesdropping by a third party "listening" on the line?
How do they know that the information sent back and forth between the server and the user's browser has not been altered?
Basic Security Issues (I)
Authentication
The process by which one entity verifies that another entity is who he, she, or it claims to be
• Something known: e.g. a password
• Something possessed: e.g. a smart card
• Something unique: e.g. a signature
Authorization
The process that ensures that a person has the right to access certain resources
• The request is compared with the access control information associated with the resource being accessed
Basic Security Issues (II)
Auditing
The process of collecting information about attempts to access particular resources, use particular privileges, or perform other security actions
• Log files
Confidentiality (Privacy)
Information that is private or sensitive should not be disclosed to unauthorized individuals, systems, or software processes
• Encryption
Basic Security Issues (III)
Integrity
Protecting data from being altered or destroyed in an unauthorized or accidental manner
• A digital signature or message authentication code over the data while it is in transit; encryption alone hides the content but does not by itself reveal that the ciphertext was altered
Availability
Ensuring that data and services are available when needed
• Load-balancing hardware and software
Basic Security Issues (IV)
Non-repudiation
The ability to limit parties from refuting that a legitimate transaction took place
• Digital signature
General Security Issues at EC Sites (figure; only the label "Availability" survived extraction)
Attacks
Nontechnical Attacks
An attack that uses chicanery to trick people into revealing sensitive information or performing actions that compromise the security of a network
Social engineering: a type of nontechnical attack that uses social pressures to trick computer users into compromising computer networks to which those individuals have access. It exploits
• An individual's desire to help
• An individual's fear of getting into trouble
• The general trust among individuals
Nontechnical Attacks
"You try to make an emotional connection with the person on the other side to create a sense of trust and then exploit it"
Because the key to successful social engineering rests with the victims, the key to combating social engineering attacks also rests with the victims
A multi-pronged approach should be used to combat social engineering:
Education and training
Policies and procedures
Penetration testing
Technical Attacks
An attack perpetrated using software and systems knowledge or expertise
Distributed DoS (DDoS) attacks
Malicious code attacks
A vulnerability is a mistake that can be directly used by a hacker to gain access to a system or network
An exposure is a mistake in software that allows access to information or capabilities that a hacker can use as a stepping-stone into a system or network
Technical Attacks
Common (security) vulnerabilities and exposures (CVEs)
Publicly known computer security risks, which are collected, listed, and shared by a board of security-related organizations
The number of known CVEs grew from approximately 320 in 1999 to more than 3,000 in 2004; there were almost 4,250 CVE candidates under consideration for acceptance as CVEs
Examining the list of the top 20 CVEs, one quickly realizes that all of them are very technical in nature
Denial-of-service Attacks
Denial-of-service (DoS) attack
An attack on a Web site in which an attacker uses specialized software to send a flood of data packets to the target computer with the aim of overloading its resources
Distributed DoS (DDoS) attack
A denial-of-service attack in which the attacker gains illegal administrative access to as many computers on the Internet as possible and uses those computers to send a flood of data packets to the target computer
Using Zombies in a DDoS Attack (figure)
Malicious Code Attacks
Malware: a generic term for malicious software
A number of factors have contributed to the overall increase in malicious code. Among these factors, the following are paramount:
Mixing data and executable instructions
Increasingly homogeneous computing environments
Unprecedented connectivity
A larger clueless user base
Trends in Malicious Code Attacks (I)
Increased speed and volume of attacks
The Slammer worm in 2003 doubled in size every 8.5 seconds, infecting approximately 75,000 machines within 10 minutes
Reduced time between the discovery of a vulnerability and the release of an attack that exploits it
The average time was 5.8 days in the first half of 2004
Remotely-controlled robot networks (botnets) are growing
The number of monitored robots rose from well under 2,000 computers to more than 30,000
Robots can be upgraded easily and quickly to run new malicious code
Trends in Malicious Code Attacks (II)
E-commerce is the most frequently targeted industry
16% of attacks in 2004 vs. 4% in 2003
The motivation of attackers may be shifting from seeking notoriety to seeking illicit financial rewards
Attacks against Web application technologies are increasing
39% of vulnerabilities disclosed in the first half of 2004 were associated with Web application technologies
A large percentage (more than 40%) of Fortune 100 companies have been compromised by worms
These networks are still susceptible to exploitation by potential attackers
Malicious Code (I)
Viruses
A virus is a piece of code that inserts itself into a host, including the operating system, in order to propagate
It cannot run independently; it requires its host program to be run to activate it
Viruses have two components:
• A propagation mechanism by which the virus spreads
• A payload: what the virus does once it is executed
Sometimes the execution is triggered by a particular event; the Michelangelo virus, for example, activated on a specific date
Some viruses simply infect and spread; others do substantial damage
Malicious Code (II)
Worm
A worm is a program that can run independently, will consume the resources of its host from within in order to maintain itself, and can propagate a complete working version of itself onto another machine
The major difference between a worm and a virus is that a worm propagates between systems, whereas a virus propagates locally
Malicious Code (III)
Macro viruses and macro worms
A macro virus or macro worm is usually executed when the application object (e.g., spreadsheet, word-processing document, e-mail message) containing the macro is opened or a particular process is executed (e.g., a file is saved)
Melissa and ILOVEYOU were both examples of macro worms propagated through Microsoft Outlook e-mail (strictly, Melissa was a Word macro while ILOVEYOU was a VBScript attachment; both spread by mailing themselves to the victim's address book)
Malicious Code (IV)
Trojan horse
A Trojan horse is a program that appears to have a useful function but also contains a hidden and unintended function that presents a security risk
Remote-access Trojans are self-contained and self-installing utilities that can be used to remotely control and monitor the victim's computer over a network
• The server is the program that runs on the computer under attack
• The client is the program used by the person perpetrating the attack
Malicious Code (V)
One key malware trend is the rise of code that exploits and alters the user's operating system down to the kernel level
The best way to defend against Trojan horses is to implement strict policies and procedures for installing new software
End users should be forbidden from installing unauthorized programs
Administrators need to check the integrity of programs and patches before they are installed, for example by verifying the vendor's signature or published hash
New programs and tools should be installed in a test environment before they are put into a production environment
Managing EC Security
Common mistakes in managing security risks:
Undervalued information: not understanding the value of information, so that it is not taken seriously
Narrowly defined security boundaries: attending only to the security of the internal network while ignoring external influences (e.g. upstream and downstream partners and customers)
Reactive security management: mending the fence only after the sheep are lost, i.e. acting only after an incident has occurred
Dated security management processes: security facilities, knowledge and training fail to keep pace with changes in the environment
Lack of communication about security responsibilities: security is regarded as the IT department's job rather than the whole organization's, so most people neither care about it nor understand it
Security Risk Management
A systematic process for determining the likelihood of various security attacks and for identifying the actions needed to prevent or mitigate those attacks
Security risk management consists of three phases:
Asset identification
Risk assessment
Implementation
Security Risk Management
Asset identification
Inventory the organization's information assets and determine their relative value and criticality
Risk assessment
Delineate threats against those assets, such as hackers, viruses, disgruntled employees, human error, and system failures
Identify the vulnerabilities of the systems
Calculate quantitative risk for each asset in order to determine which assets should be safeguarded and which threats need to be minimized
Security Risk Management
Implementation
The organization arrives at a set of security policies defining which threats are tolerable and which are not
• Particular technologies are chosen to address the high-priority threats
Establish an incident response team and a contingency plan
Establish a process for audit and review at least every 6 months:
• Which policies and technologies are successful
• Which are unsuccessful and need modification
• What types of new threats are appearing on the horizon
Access Control and Authentication
Access control
The mechanism that determines who can legitimately use a network resource and which resources he, she, or it can use
Access control list (ACL)
Defines which users have access to which resources and what rights they have with respect to those resources (i.e. read, write, print, copy, delete, execute, modify, or move)
Access Control and Authentication
Authentication
The process of verifying that the user is who he or she claims to be
• Something one knows: e.g. a password
• Something one has: e.g. a token
• Something one is: e.g. a fingerprint
Passwords are insecure because people have a habit of
Writing them down in easy-to-find places
Choosing values that are easily guessed
Willingly telling people their passwords when asked
Biometric Systems
Biometric systems
Authentication systems that identify a person by measurement of a biological characteristic, such as fingerprints, iris (eye) patterns, facial features, or voice
Physiological biometrics
Measurements derived directly from different parts of the body (e.g., fingerprint, iris, hand, facial characteristics)
Behavioral biometrics
Measurements derived from various actions and indirectly from various body parts (e.g., voice scans or keystroke monitoring)
Biometric Systems
Fingerprint scanning
Measurement of the discontinuities of a person's fingerprint, which are then converted to a set of numbers that are stored as a template and used to authenticate identity
Iris scanning
Measurement of the unique spots in the iris (colored part of the eye), which are … to authenticate identity
Voice scanning
Measurement of the acoustical patterns in speech production, which are then … to authenticate identity
Keystroke monitoring
Measurement of the pressure, speed, and rhythm with which a word is typed, which is then … identity
Public Key Infrastructure
Public key infrastructure (PKI)
A scheme for securing e-payments using public key encryption and various technical components
Encryption
The process of scrambling (encrypting) a message in such a way that it is difficult, expensive, or time-consuming for an unauthorized person to unscramble (decrypt) it
Plaintext
An unencrypted message in human-readable form
Public Key Infrastructure
Ciphertext
A plaintext message after it has been encrypted into a machine-readable form
Encryption algorithm
The mathematical formula used to encrypt the plaintext into the ciphertext, and vice versa
Key
The secret code used to encrypt and decrypt a message
Public Key Infrastructure
Symmetric (private) key system
An encryption system that uses the same key to encrypt and decrypt the message
Data Encryption Standard (DES)
The standard symmetric encryption algorithm supported by NIST and used by U.S. government agencies; by 2000 its 56-bit key was too short and NIST had run a competition for a replacement
Rijndael
The algorithm NIST announced on October 2, 2000 as the winner of that competition; it became the Advanced Encryption Standard (AES, FIPS 197, published November 2001) used to secure U.S. government communications
Symmetric (Private) Key Encryption (figure)
Public Key Infrastructure
Asymmetric (public) key encryption
A method of encryption that uses a pair of matched keys: a public key to encrypt a message and a private key to decrypt it, or vice versa
• Public key: encryption code that is publicly available to anyone
• Private key: encryption code that is known only to its owner
The most common public key encryption algorithm is RSA. At the time of these slides RSA keys ranged in length from 512 bits to 1024 bits; both sizes are now considered too weak, and 2048 bits is the usual minimum
Public Key Encryption
Because the private key is held only by its owner, only the owner can decrypt ciphertext produced with the matching public key. If the sender encrypts with the recipient's public key and transmits the result, the recipient (the holder of the corresponding private key) decrypts it with that private key, which achieves confidential communication
Public Key Encryption
If a ciphertext decrypts with a public key into meaningful information, that ciphertext must have been produced with the corresponding private key. Since only the original sender knows that private key, the message must have come from the owner of that key, which achieves a "public announcement" property, i.e. non-repudiation
Discussions
The main problem with public key encryption is speed: symmetric algorithms are significantly faster than asymmetric algorithms
Therefore, public key encryption cannot be used effectively to encrypt and decrypt large amounts of data
In practice, a combination of symmetric and asymmetric encryption is used to encrypt messages: the bulk data is encrypted with a symmetric key, and only that key is encrypted with the recipient's public key
Digital Signatures (figure)
Digital Signatures
Hash
A mathematical computation applied to a message that produces a fixed-length value (the digest); it uses no key, and it is designed so that the message cannot be recovered from the digest and no second message with the same digest can practically be found
Message digest
A summary of a message, converted into a string of digits, after the hash has been applied
Digital signature
An identifying code that can be used to authenticate the identity of the sender of a document; it is produced by encrypting (signing) the message digest with the sender's private key
Digital envelope
The combination of the encrypted original message and the digital signature, using the recipient's public key
Digital Signatures
The recipient has evidence that the sender sent the message because (theoretically) the sender is the only one with access to the private key
The recipient knows that the message has not been tampered with, because if it had been, the two hashes (the one recovered from the signature and the one recomputed from the received message) would not have matched
Public Key Infrastructure
When someone tells you he is 侯永昌, hands you a public key, and asks you to send him a message, how do you know he really is 侯永昌? And is this key really 侯永昌's public key?
Digital certificate
Verification that the holder of a public or private key is who he or she claims to be
A certificate contains things such as the holder's name, validity period, public key information, and a hash of the certificate data signed with the CA's private key
Certificate authorities (CAs)
Third parties that issue digital certificates
Public Key Infrastructure
Secure Sockets Layer (SSL)
A protocol invented by Netscape that utilizes standard certificates for authentication and data encryption to ensure privacy or confidentiality
It is the major standard used for online credit card payments
In 1996 the IETF took over the protocol and standardized its successor as Transport Layer Security (TLS), published as TLS 1.0 in 1999
Securing EC Networks (I)
Layered security
A variety of technologies must be applied at key points in a network
Securing EC Networks (II)
Controlling access
Policy of least privilege (POLP): a policy of blocking access to network resources unless access is required to conduct business
Role-specific security
Access to particular network resources should be based on a user's role within the organization
Monitoring
Many organizations go through the process of establishing security plans and policies and setting up security technologies, and then fail to monitor their networks to ensure that they remain secure
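The least-privilege and role-specific access control described above, together with the access control list defined on the earlier Access Control and Authentication slide, as an added Go example (not code from the original slides): a resource carries its own access control information, an authenticated user carries roles, and the authorization check denies anything that is not explicitly granted. The resource name, the roles and the rights are constructed for illustration; "marketing" deliberately has no entry.

```go
package main

import (
	"fmt"
	"strings"
)

// Right is one operation on a resource (the slides' read, write, delete, ...).
type Right string

const (
	Read   Right = "read"
	Write  Right = "write"
	Delete Right = "delete"
)

// ACL maps a role to the set of rights that role holds on ONE resource.
// Anything not listed is denied: deny by default is what makes the policy of
// least privilege hold even when the list is incomplete.
type ACL map[string]map[Right]bool

// Resource bundles a name with the access control information associated with
// it, as in the authorization definition on the Basic Security Issues slide.
type Resource struct {
	Name string
	ACL  ACL
}

// User carries the roles assigned to the identity after authentication.
// Authentication (who you are) is a separate step from authorization (what you may do).
type User struct {
	Name  string
	Roles []string
}

// Authorize compares the request with the resource's ACL and returns true
// only if one of the user's roles explicitly grants the requested right.
func Authorize(u User, res Resource, r Right) bool {
	for _, role := range u.Roles {
		if res.ACL[role][r] { // a missing role yields a nil map, and a nil map yields false
			return true
		}
	}
	return false
}

// AuditLine renders one audit-log entry for the decision, so that denied
// attempts are recorded as the auditing requirement asks.
func AuditLine(u User, res Resource, r Right, allowed bool) string {
	verdict := "DENY"
	if allowed {
		verdict = "ALLOW"
	}
	return fmt.Sprintf("%s user=%s roles=%s resource=%s right=%s",
		verdict, u.Name, strings.Join(u.Roles, ","), res.Name, r)
}

// orderDB is a constructed (hypothetical) order database with role-based rights.
var orderDB = Resource{
	Name: "orders-db",
	ACL: ACL{
		"support":    {Read: true},
		"fulfilment": {Read: true, Write: true},
		"dba":        {Read: true, Write: true, Delete: true},
	},
}

func main() {
	alice := User{Name: "alice", Roles: []string{"support"}}
	bob := User{Name: "bob", Roles: []string{"fulfilment"}}
	eve := User{Name: "eve", Roles: []string{"marketing"}} // role with no ACL entry
	requests := []struct {
		u User
		r Right
	}{{alice, Read}, {alice, Write}, {bob, Write}, {bob, Delete}, {eve, Read}}
	for _, req := range requests {
		ok := Authorize(req.u, orderDB, req.r)
		fmt.Println(AuditLine(req.u, orderDB, req.r, ok))
	}
}
```

Note that eve is denied not because a rule names her, but because no rule grants her role anything. Rights are also per resource: a role that may write orders says nothing about any other resource, which is the role-specific boundary the slide describes.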
Securing EC Networks (III)
Keep systems patched
Most large organizations are painfully aware that vendors are continually patching or upgrading their software, applications, and systems to plug security holes
Response team
Organizations need to have a team in place that can respond to various attacks
The team needs to have well-established plans, processes, and resources and should practice responding when the pressure is off rather than learning during a crisis
Firewalls
A network node consisting of both hardware and software that isolates a private network from a public network
There are basically two types of firewalls:
Packet-filtering routers
Application-level proxies
Packet-filtering routers
Firewalls that filter data and requests moving from the public Internet to a private network based on the network addresses of the computers sending or receiving the request
Packets
Segments of data and requests sent from one computer to another on the Internet; they consist of the Internet addresses of the computers sending and receiving the data, plus other identifying information that distinguishes one packet from another
Packet-filtering routers
Use a set of rules to determine which communication packets can move from the outside network to the inside network
The rules accept or reject incoming packets based on source and destination IP address, source and destination port numbers, and packet type (information contained in the packet header); for example:
Block all packets sent from a given Internet address
Block any packet coming from the outside that has the address of a computer on the inside
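The two rules above, plus a default-deny rule, as an added Go example (not from the original slides) of a first-match packet filter that sees only header fields. The internal address range 10.1.0.0/16, the web server 10.1.2.10 and the blocked host 203.0.113.7 are constructed for the example.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Packet holds the header fields a packet filter sees; it never inspects the
// payload, which is exactly the limitation the slides describe.
type Packet struct {
	Src, Dst    netip.Addr
	DstPort     uint16
	Proto       string // "tcp", "udp", "icmp"
	FromOutside bool   // arrived on the external interface
}

// Rule matches on header fields only. A zero-value field means "any".
type Rule struct {
	Name, Action string       // Action is "accept" or "drop"
	Src, Dst     netip.Prefix // the zero Prefix matches any address
	DstPort      uint16       // 0 matches any port
	Proto        string       // "" matches any protocol
	Inbound      bool         // true: applies to packets arriving from outside
}

func (r Rule) matches(p Packet) bool {
	if r.Inbound != p.FromOutside {
		return false
	}
	if r.Src.IsValid() && !r.Src.Contains(p.Src) {
		return false
	}
	if r.Dst.IsValid() && !r.Dst.Contains(p.Dst) {
		return false
	}
	if r.DstPort != 0 && r.DstPort != p.DstPort {
		return false
	}
	return r.Proto == "" || r.Proto == p.Proto
}

// Filter evaluates rules in order; the first match wins. A packet that matches
// no rule is dropped, so the filter fails closed (least privilege).
func Filter(rules []Rule, p Packet) (action, rule string) {
	for _, r := range rules {
		if r.matches(p) {
			return r.Action, r.Name
		}
	}
	return "drop", "default-deny"
}

var inside = netip.MustParsePrefix("10.1.0.0/16") // constructed internal range

// rules encodes the two examples from the slides plus what an EC site must
// allow: the public reaching the web server on 443, and staff browsing out.
var rules = []Rule{
	// Any outside packet claiming an inside source address can only be spoofed.
	{Name: "anti-spoof", Action: "drop", Src: inside, Inbound: true},
	// Block all packets sent from a given Internet address.
	{Name: "block-bad-host", Action: "drop", Src: netip.MustParsePrefix("203.0.113.7/32"), Inbound: true},
	{Name: "allow-https", Action: "accept", Dst: netip.MustParsePrefix("10.1.2.10/32"), DstPort: 443, Proto: "tcp", Inbound: true},
	{Name: "allow-outbound", Action: "accept", Src: inside, Inbound: false},
}

func pkt(src, dst string, dport uint16, proto string, fromOutside bool) Packet {
	return Packet{Src: netip.MustParseAddr(src), Dst: netip.MustParseAddr(dst),
		DstPort: dport, Proto: proto, FromOutside: fromOutside}
}

func main() {
	samples := []Packet{
		pkt("198.51.100.9", "10.1.2.10", 443, "tcp", true),  // customer to web server
		pkt("198.51.100.9", "10.1.2.10", 22, "tcp", true),   // SSH from the Internet
		pkt("10.1.5.5", "10.1.2.10", 443, "tcp", true),      // spoofed inside address
		pkt("203.0.113.7", "10.1.2.10", 443, "tcp", true),   // blocked host
		pkt("10.1.7.20", "198.51.100.9", 443, "tcp", false), // internal user browsing
	}
	for _, p := range samples {
		act, why := Filter(rules, p)
		fmt.Printf("%-14s -> %-14s :%-4d %s  %s (%s)\n", p.Src, p.Dst, p.DstPort, p.Proto, act, why)
	}
}
```

Rule order matters: the anti-spoofing rule comes first so that an outside packet claiming an inside source address can never reach the later accept rules. The spoofed packet and the HTTPS request to the web server are byte-for-byte identical in every field except the source address, which is all a packet filter can go on.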
Packet-filtering routers
Advantages:
Provide low-level control and are difficult to get around
Disadvantages:
An administrator can miss an important rule or specify a rule incorrectly, leaving a hole in the firewall
Because the content of a packet is irrelevant to a packet filter, once a packet is let through the firewall, the inside network is open to data-driven attacks
Packet-filtering routers are often used as the first layer of network defense
Application-level proxy
A firewall that blocks data and requests depending on the type of application being accessed
This type of firewall often involves a special server called a bastion gateway that accepts requests from the outside for particular services and repackages each request before sending it to the inside network, thus ensuring the security of the request
There is a proxy for each Internet service that an organization wishes to support. If a request is made for an unsupported proxy service, it is blocked by the firewall
Application-level proxy
Bastion gateway
A special hardware server that utilizes application-level proxy software to limit the types of requests that can be passed to an organization's internal networks from the public Internet
Proxies
Special software programs that run on the gateway server and pass repackaged packets from one network to the other
Application-level proxies
In addition to controlling inbound traffic, all outbound traffic requests look as if they were coming from a single computer rather than multiple computers. In this way, the IP addresses of the internal computers are hidden from the outside
Disadvantages:
It takes more processing time to tie particular packets to particular applications
The users on the internal network must configure their machines or browsers to send their Internet requests via the proxy server
Application-Level Proxy (Bastion Gateway Host) (figure)
Personal Firewalls
Personal firewalls are designed to protect a home user's desktop system from the public network by monitoring all the traffic that passes through the computer's network interface card
They operate in one of two ways:
The owner can create filtering rules that are used by the firewall to permit or drop packets
The firewall can learn by prompting the user to ask how particular traffic ought to be handled
Demilitarized Zone (DMZ)
A network area that sits between an organization's internal network and an external network (the Internet), providing isolation between the two networks that is controlled by rules enforced by a firewall
Virtual Private Networks (VPNs)
With a private line, the chance of a hacker eavesdropping on the communications between the companies would be nil, but it is an expensive way to do business
VPNs, which enable secure transmissions across the Internet, are generally used to support site-to-site transmissions between B2B partners or communications between a mobile or remote worker and a LAN at a central office
Virtual Private Networks (VPNs)
A VPN can reduce communication costs dramatically:
20~40% cost saving for sites in the same country
60~90% cost saving for sites in different countries
60~80% cost saving for mobile and remote workers
A VPN creates a "protocol tunnel" between the nodes on the network
A method used to ensure the confidentiality and integrity of data transmitted over the Internet, by encrypting the data, encapsulating it into packets, transmitting them across the Internet, and decrypting them at the destination address
Virtual Private Networks (VPNs)
A VPN uses the public Internet to carry information but remains private by using a combination of
Encryption to scramble the communications
Authentication to ensure that the information has not been tampered with and comes from a legitimate source
Access control to verify the identity of anyone using the network
Virtual Private Networks (VPNs)
Three technologies used to create a VPN
Many firewall packages, hardware and software, support VPN functionality
Routers can not only function as firewalls, but can also function as VPN servers
There are software solutions that can be used to handle VPN connections
Many telecom carriers and larger ISPs offer VPN services for Internet-based dial-up and site-to-site communications
Intrusion Detection Systems (IDS)
In the past, audit logs were manually reviewed for excessive failed logon attempts, failed file and database access attempts, and other application and system violations
Today, there is a special category of software (Intrusion Detection Systems, IDS) that can monitor activity across a network or on a host computer, watch for suspicious activity, and take automated actions whenever a security breach or attack occurs
Intrusion Detection Systems (IDS)
A host-based IDS resides on the server or other host system that is being monitored
It is good at detecting
Whether critical or security-related files have been tampered with
Whether a user attempts to access files that he or she is not authorized to use
It computes a special signature or checksum for each file (in practice a cryptographic hash such as SHA-256, since a plain checksum can be held constant by an attacker who edits the file). Then it checks the files on a regular basis to see if the current signatures match the previously recorded ones. If they do not match, security personnel are immediately notified
Intrusion Detection Systems (IDS)
A network-based IDS uses rules to analyze suspicious activity at the perimeter of a network or at key locations in the network
Examines network traffic for known patterns of attack
Automatically notifies security personnel when specific events or event thresholds occur
Performs certain actions when an attack occurs; for instance, it can terminate network connections or reconfigure network devices based on security policies
Honeynets and Honeypots
Honeynet
A honeynet is a network of honeypots designed to attract hackers like honey attracts bees
A technology used to detect and analyze intrusions
A way to evaluate the vulnerabilities of an organization by studying the types of attacks to which a site is subjected, using a network of systems called honeypots
Honeynets and Honeypots
Honeypots
Production-like systems (e.g., firewalls, routers, Web servers, database servers) designed not to do real work but to be watched and studied as network intrusions occur, in order to learn
• Why hackers attack
• When they attack
• How they attack
• What they do after the system is compromised
• How they communicate with one another during and after the attack
Honeynets and Honeypots
Although a honeypot cannot prevent an attack, it can simplify the detection of and reaction to an attack
Because the only traffic on a honeypot comes from intruders, it is easier to analyze the data produced by a honeypot to determine what has happened and how to respond
Before a company deploys a honeypot, it needs to think about
What to do when it becomes the scene of a cyber crime or contains evidence of a crime
The legal restrictions and ramifications of monitoring legal and illegal activity
Managerial Issues
1. Have we budgeted enough for security?
Most organizations spend only a small percentage of their budgets on network security, have fairly few staff working on network security issues, and generally relegate network security matters to personnel on the lower rungs of the organizational ladder
Because the consequences of poor network security can be severe, it is imperative that senior management have a basic understanding of best practices in network risk management
Managerial Issues
2. What are the business consequences of poor security?
Damage to technical and information assets
Theft of information and information services
Temporary loss of a Web site and Internet access
Loss of income
Litigation brought by dissatisfied organizational stakeholders
Loss of customer confidence
Damaged reputation and credibility
Managerial Issues
3. Which e-commerce sites are vulnerable to attack?
Security through obscurity doesn't work
Because of the prevalence of automated scanning tools, it will be a matter of days before hackers discover your site
All sites should thoroughly review their security requirements and institute stronger measures to guard against high-priority threats
Managerial Issues
4. What is the key to establishing strong e-commerce security?
It's the business that counts, not the technology
Business requirements determine information requirements
Once information requirements are known, you can begin to understand the value of those assets and the steps that should be taken to secure those that are most valuable and vulnerable
Managerial Issues
5. What steps should businesses follow in establishing a security plan?
Security is an ongoing, closed-loop process
By monitoring our existing policies and measures, we can determine which are successful or unsuccessful and which should be modified or eliminated
Monitor changes in business requirements, changes in technology and the way it is used, and changes in the way people can attack our systems and networks
Managerial Issues
6. Should organizations be concerned with internal security threats?
Except for viruses and worms, breaches perpetrated by insiders are more prevalent than those perpetrated by outsiders
Security policies and measures for EC sites need to address these insider threats
Summary (I)
1. Trends in computer attacks
Computer and network attacks are still a substantial problem that can result in sizeable economic losses
2. Security is everyone's business
Because the Internet serves as the control system for many of the critical infrastructures, security is a complex task requiring action at multiple levels, including home users and small businesses, large enterprises, critical sectors and infrastructure, and national and international agencies
Summary (II)
3. Basic security issues
Authentication: verify the identity of the participants in a transaction
Authorization: ensure that a person or process has access rights to particular systems or data
Auditing: be able to determine whether particular actions have been taken and by whom
Confidentiality: ensure that information is not disclosed to unauthorized individuals, systems, or processes
Integrity: protect data from being altered or destroyed
Availability: ensure that data and services are available when needed
Non-repudiation: the ability to limit parties from refuting that a legitimate transaction took place
Summary (III)
4. Basic types of network security attacks
Nontechnical (social engineering): a perpetrator tricks people into revealing information or performing actions that compromise network security
Technical: software and systems expertise are used to attack the network
DoS and DDoS attacks bring operations to a halt by sending floods of data to target computers, in the DDoS case from as many compromised computers on the Internet as possible
Malicious code attacks include viruses, worms, Trojan horses, or some combination of these
Summary (IV)
5. Trends in malicious code
An increase in the speed and volume of attacks
Reduced time between the discovery of a vulnerability and the release of an attack that exploits it
The growing use of bots to launch attacks
An increase in attacks on Web applications
A shift in the motivation behind attacks toward illicit financial gain
6. Managing EC security
Identification and valuation of key computer and network assets
Assessment of the security threats, vulnerabilities, and risks associated with those assets
Selection, evaluation, and implementation of a set of security policies and measures to reduce high-priority threats, vulnerabilities, and risks
Summary (V)
7. Securing EC communications
Authentication can be established with something one knows (e.g., a password), something one has (e.g., a token), or something one is (e.g., a fingerprint)
Biometric systems (fingerprint scanners, iris scanners, facial recognition, and voice recognition) can be used to confirm a person's identity
Public key infrastructure (PKI) uses encryption (private and public key) to ensure privacy and integrity, and digital signatures to ensure authenticity and non-repudiation
Digital signatures are themselves authenticated through a system of digital certificates issued by certificate authorities (CAs)
Summary (VI)
8. Technologies for securing networks
A firewall is a combination of hardware and software that isolates a private network from a public network
A packet-filtering router uses a set of rules to determine which communication packets can move from the outside network to the inside network
An application-level proxy accepts requests from the outside and repackages each request before sending it to the inside network, thus ensuring the security of the request
Personal firewalls are needed by individuals with broadband access
Summary (VII)8. Technologies for securing networks (continued)
VPNs are generally used to support secure site-to-site transmissions across the Internet between B2B partners or communications between a mobile and remote worker and a LAN at a central office
IDSs are used to monitor activity across a network or on a host; the systems watch for suspicious activity and take automated actions whenever a security breach or attack occurs
Honeynets and honeypots are being employed to gather information on intrusions and to analyze the types and methods of attacks being perpetrated