This document discusses security issues related to ecommerce systems. It covers types of threats like disasters, security breaches, errors and bugs. It also discusses controls like encryption, authentication, digital signatures and certificates to secure systems and transactions. The document emphasizes that security is important from the initial design phase and throughout a system's lifecycle to protect businesses and customer data.

1. ECOMMERCE:
SECURITY

2. OVERVIEW
Why are modern day information systems so vulnerable
to destruction, error, abuse, and system quality
problems?
What types of controls are available for ecommerce
systems?
What special measures must be taken to ensure the
reliability, availability and security of electronic
commerce and digital business processes?
Why are auditing ecommerce systems and safeguarding
data quality so important?

3. THE BUSINESS
PREDICAMENT
Do we design systems that over-controlled, and therefore not
functional, or unrestricted and under-controlled?
How do we applying quality assurance standards in large
ecommerce systems projects

4. THE BUSINESS
PREDICAMENTThe major concerns for businesses
Disaster
 The possible destruction of computer hardware, programs, data files,
and other equipment
Security
 Preventing unauthorized access, alteration, theft, or physical damage
to equipment
Errors
 Computer actions that may disrupt or destroy organization’s record-
keeping and operations
Bugs
 Program code defects or errors
Maintenance Nightmare
 Maintenance costs high due to organizational change, software
complexity, and faulty system analysis and design

5. THE GENERAL PROCESSING
MODEL
Unfortunately, all of these stages
can contain elements of failure,
unless a strategy is implemented,
and software quality assurance
standards are implemented
Figure 1

6. THE COST OF POOR
DESIGN
Figure 2

7. THE BUSINESS
PREDICAMENTControl
What is needed?
 Methods, policies, and procedures
Why is it needed?
 Ecommerce systems may provide (limited) access to a business
central infrastructure
 Ensures protection of organization’s assets
 Ensures accuracy and reliability of records, and operational
adherence to management standards
When should this occur?
 From the ideas inception, to the completion of the ecommerce
system

8. CONTROLLING OUR
ECOMMERCE PLANAt a business level:
Market research into user needs, and identified areas for
business expansion
A business and financial plan for forecasting frequency of
use, and suspected revenue turnover
A strategy on how to implement this plan, alongside our
current business plan (if we are expanding a “brick and
mortar” business that is).
 A review of our internal technical skills – are our staff
competent enough to implement this, or should we
outsource.

9. CONTROLLING OUR
ECOMMERCE PLANGeneral controls
Establish framework for controlling design, security, and
use of computer programs
Include software, hardware, computer operations, data
security, implementation, and administrative controls.
These may include:
 Personnel controls: Ensuring that only authorised personal
undertake elements of the project
 Customer controls: Ensuring that protection is provided from the
global customer layer of the ecommerce system, to the business
infrastructure layer of business operations

10. CONTROLLING OUR
ECOMMERCE PLANProtecting our company
On-line transaction processing: Transactions entered
online are immediately processed by computer, and
recorded for audit
Fault-tolerant computer systems: Contain extra hardware,
software, and power supply components in case of
element failure
High-availability computing: Tools and technologies
enabling system to recover from a crash, or power cut
Disaster recovery plan: Plan of action in case of
ecommerce system failure. Ask yourself the question, if
we trade online and the “shop front” is gone, how do we
trade?
Load balancing: Heavy traffic will need distribution over a
large servers

11. CONTROLLING OUR
ECOMMERCE PLAN
Protecting our company
Mirroring: Duplicating all processes and transactions of
ecommerce on backup server to prevent any interruption
Clustering: Linking two computers together so that a
second computer can act as a backup to the primary
computer or speed up processing
Firewalls: For prevent unauthorised users from accessing
a private internal network, or accessing private data. Don’t
forget this covered under the data protection act.
Intrusion Detection Systems or Personnel to monitor
vulnerable points in the network to detect or deter
unauthorized intruders

12. CONTROLLING OUR
ECOMMERCE PLAN
How many of you have assumed that security of ecommerce
systems is an Internet threat only?
I would bet the majority of you…..
Now we need to forget that we have planned for ecommerce
systems, and consider in depth our security issues
We shall look at security in terms of the whole networked
community, not just ecommerce.
Why? Because security is more often than not overlooked at a local
level, never mind at a global level!
Security is a major concern, not just at a global interface level, but
at an internal business level too…

13. SECURITY
This raises big questions…..
What is security?
What constitutes security?
What examples can we provide of security?

14. SECURITY NEEDS
Who says we need security?:
Data Protection Acts 1984 & 98
Telecommunications (Lawful Business Practice)
(Interception of Communications) Regulations 2000
Allows employers to monitor or record communications
without consent
to establish the existence of facts relevant to the business
to ascertain compliance with regulations
to ascertain standards which ought to be achieved by staff
to detect unauthorised use

15. INFORMATION SECURITY
Reformed:
Two major reforms over
last several decades
 Computer Security
 Network Security
Widespread use of data
processing
Security previously
handled by:
 Physical means: Filing
cabinet and lock
 Administrative means:
Personnel
Computers
Introduction meant that
new regulations had to
be imposed by
organisations to secure
data
Shared systems, were
worse because of
sending / retrieving data
of numerous systems

16. INFORMATION SECURITY
Routing Services
Security Office
Server Protection

17. WHY THE REFORMS?
Computer Security:
Evolved with the need
to protect data
Needed to prevent
hackers
Needed to abide by
data protection act
Network Security:
Heightened by the need
for distributed systems
Heightened by the need
for secure networks and
communications
Need to protect data
during transmission
Ensure data is authentic

18. LOCAL INFORMATION
SECURITY
Various methods available:
DVD-RAM Drive
SAN’s
RAID Arrays
Most efficient (and common) method:
DAT / DLT
Data security is big business!
Storage “off-site”
Storage in safes
 Fireproof!
 Bombproof!

19. SECURITY
REQUIREMENTSClassified in three ways:
Confidentiality:
 Authorised parties can read the data
 Disclosure of data to relevant source
Integrity:
 Authorised parties can modify the data
 Changes status of the data by relevant source
Availability:
 Authorised parties can access the data

20. WHAT NEXT?
We have planned….
We have designed….
We have restricted access….
We have investigated our needs….
We then sit back and wait while our systems are attacked….

21. NETWORK ATTACKS!
Passive:
“Eavesdropping”
“Release of message contents”:
 Extracting information from mail messages, telephone
conversations etc
“Traffic Analysis”:
 Analysis of message lengths, Tx & Rx, to guess the types of
information being Tx & Rx.

22. NETWORK ATTACKS
Active Attacks:
 “Masquerade”:
 One node pretends to be another node.
 Tx is fooled into thinking that Rx has received message.
 “Replay”:
 Captures data and then retransmits to fool Tx into thinking the message
was unauthorised
 “Modification of Message”:
 The Tx message is intercepted, and modified to the intruders benefit – e.g.
Funds Balances etc.
 Message is forwarded to intended Rx
 “Denial of Service”
 Inhibits or hinders data communications traffic, but targeting the
management and communications facilities

23. NETWORK ATTACKS
Passive:
Sniffers / Probes
Difficult to detect
Do not alter data
Can prevent these
attacks
Prevention, rather
than detection
Active:
Opposite to passive
Difficult to prevent
(Could be done by
physical protection)
Detect, and recover
Detection can also be
a prevention, as
intruder is often found

24. NETWORK ATTACKS
Passive Threats Active Threats
Release of
message
content
Traffic analysis Masquerade Replay Modification of
message
contents
Denial of
service

25. GLOBAL ELECTRONIC
SECURITY-ENCRYPTION
Automation
 Automation of Tx and Rx is done through encryption
 This ensures authenticated and unique data
 Provides a security layer to the network
Encryption:
 We shall look at encryption in two ways:
 Symmetric Encryption
 Public-key Encryption (Asymmetric)
 Well known examples
 THWATE
 Comodo
 Both versions of Verisign SSL.

26. ENCRYPTION
Symmetric (Single Key):
Pre-1970’s public key encryption standard
Stallings (2000) says that the idea has been used
by such adversaries as Julius Caesar and the
German U-Boot commanders
Requirements for symmetric encryption:
Strong algorithm to protect the key
Even if intruder access message, key should be
protected
Tx & Rx must obtain the secret key in a secret fashion

27. ENCRYPTION
Symmetric (Single Key):
 Encryption is made up of 5 major areas:
 Plaintext: Original method before encryption
 Encryption algorithm: Transforms plain text
 Secret Key: Provides extra substitutions and transformations to the Encryption Algorithm
 Ciphertext: The new message that is created to be sent
 Decryption algorithm: The encryption & secret key in reverse algorithm

28. ENCRYPTION
Symmetric:
Plain
Text
Plain
Text
Ciphertext
Encryption
Algorithm
Decryption
Algorithm
Adapted from Stallings (2000), Figure 18.2, page 653
Secret Key Secret Key

29. ENCRYPTION
Symmetric – Breaking the code:
Cryptanalysis:
Utilise analysis of the ciphertext to attempt to produce a
secret key.
Sometimes pairs two ciphertexts to attempt to deduce a
common encoding
If key is found, all future messages using that key are
compromised
Brute-force:
Attempts to try every combination of secret keys on the
ciphertext to deduce the plain text.

30. ENCRYPTION
Stallings (2000) quotes the times for breaking a secret key as
follows:
Key Size (bits) Number of
alternative keys
Time required to
decode at 1
Encryption per uS
Time required to
decode at 1 million
Encryption per uS
32 4.3 x 109
35.8 Minutes 2.15 milliseconds
56 7.2 x 1016
1142 years 10.01 hours
128 3.4 x 1038
5.4 x 1024
years 5.4 x 1018
years
168 3.7 x 1050
5.9 x 1036
years 5.9 x 1030
years

31. ENCRYPTION
Public Key:
Biggest advancement in encryption in years –
because it use Mathematics to calculate the key.
Public key cryptography uses two keys, rather than
one – hence, sometimes referred to asymmetric.
Symmetric encryption is still in use, and will
continue to be
This is because of the computational overhead
associated with public key encryption

32. ENCRYPTION
Asymmetric (Public Key):
Encryption is made up of 5(6) major areas:
Plaintext: Original method before encryption
Encryption algorithm: Transforms plain text
Public and Private Key: Pair of keys that have been selected
for encryption. One is used as encryption, one as decryption.
Ciphertext: The two new messages that are created to be
sent, one by the public key, and one by the private key
Decryption algorithm: The encryption & secret key in reverse
algorithm

33. ENCRYPTION
In English:
1. Each user generates a pair of keys for
encryption and decryption.
2. Each user places the public key in an
accessible file. The companion private key is
kept private.
3. If A wishes to send a message to B, A
encrypts the message using B’s public key.
4. When B receives the message, B decrypts the
message using it’s own private key. No one
else can, because no-one else uses B’s
private key

34. DIGITAL SIGNATURES
Confirming the source:
Used extensively now due to the Internet
When a digital signature is sent to the receiver, the
message is encoded using the senders private key
At the receiving end, the message should be able to be
decoded using the senders public key.
If it can be decoded, it can be assumed that the sender
must have made the message and it’s okay
If it can’t be decoded, it can be assumed that the
sender couldn’t have made the message, and should
be disposed of.

35. PROTECTING YOURSELF
Ports
 Open ports allow access to a variety of problems
 Port Scanner
 Nanoprobe
 Finding an open port tells you what services are available!
 Close down as many as necessary to make the system secure.

36. FIREWALLS
Firewalls:
 Firewalls are used to limit or allow connections through a network
 Firewalls are gateways that provide this
 They can limit or allow connections based on:
 IP Address
 Port Number
 If you like firewalls are watchdogs for your computer’s open doors.

37. SECURITY CHALLENGES
Figure 3

38. OVERVIEW OF
ELECTRONIC SECURITY
METHODSEncryption: Encoding and scrambling of messages to prevent their
access without specific authorization. Most commonly used when
transferring sensitive data electronically across (e.g.) the Internet
Authentication: Providing secure mechanisms for accessing specific
elements of the ecommerce system. Most common method is
registration with the ecommerce system, and using usernames and
passwords.
Digital signature: Digital code attached to electronically transmitted
message to uniquely identify contents and sender. Implemented
when receiver needs to be assured of author of message (adopted
now in hardware and operating system drivers)
Digital certificate: Attachment to electronic message to verify the
sender and to provide receiver with means to encode reply
Secure Electronic Transaction (SET): Standard for securing credit
card transactions over Internet and other networks