Security of E-Commerce
Jarek Francik, Kingston University
November 2012 (updated version)
Outline
- Introduction: Can you feel safe in the e-world?
- e-risk: Where are we really exposed?
- Remedies: Some technical solutions (firewalls, SSL)
- Electronic Payment: How secure may it be?
- Conclusion: Can we feel safe in the e-world (revisited)?
In 2010:
94% of organisations expect to implement security improvements to their computer systems
42% claim cyber security as their top risk
poll data provided by Symantec
"Computer security is difficult (maybe even impossible), but imagine for a moment that we've achieved it… Unfortunately, this still isn't enough. For this miraculous computer system to do anything useful, it is going to have to interact with users in some way, at some time, for some reason. And this interaction is the biggest security risk of them all. People often represent the weakest link in the security chain and are chronically responsible for the failure of security systems" (Schneier, 2000)
INTRODUCTION: Can you feel safe in the e-world?
[Diagram: Alice's desk, ISP, on-line store, warehouse, customer's bank, shop's bank]
[Same diagram, annotated with: line tapping, eavesdropping at ISP, sniffer on Internet backbone, breaking into store database]
Can you feel safe in the e-world? Alice's risks:
- The merchant may cheat: she will be billed for the order but will never get a CD.
  In fact, the merchant cannot charge Alice's card until they go through an extensive application and verification procedure done by the credit card company.
- Alice's credit card number may be stolen: she will be billed for orders she never made.
  In fact, Alice is not liable, or her liability is strongly limited, in case of fraudulent card transactions.
- Information provided by Alice may be used against her (spam!)
- The merchant may take over Alice's web browser and use it to get information about her tastes and desires (spyware)
Can you feel safe in the e-world? Merchant's risks:
- Alice may in fact be the merchant's competitor (or a robot) sniffing the store's inventory and price list
- Alice may in fact be Jason, a hacker who has stolen Alice's credit card number and buys CDs illegally
- Jason may break into the merchant's computer and steal all credit card information; this opens the merchant to liability
- Jason may change the orders so as to obtain hundreds of CDs (for the price of one)
- Jason may insert reverse charge orders and get money to his card
- Jason may sabotage the on-line shop by changing or destroying other customers' orders
- Jason may sabotage the on-line shop by lowering prices on the store site
"A company may have purchased the best security technologies that money can buy, trained their people so well that they lock up all their secrets before going home at night, and hired building guards from the best security firm in the business. The company is still totally vulnerable... the human factor is truly security's weakest link"
Mitnick and Simon (2002).
Can you feel safe in the e-world?
Kevin Mitnick, The Art of Deception
Can you feel safe in the e-world?
- You can use encrypted transmission (SSL) to stop eavesdropping
- You can buy firewalls to protect your databases
- But how to defend against a 'social engineering attack'?
view Kevin Mitnick at http://www.youtube.com/watch?feature=player_embedded&v=8L76gTaReeg
Kevin Mitnick / Declan McCullagh/CNET
E-RISK: Where are we really exposed?
source: http://tnaron.wordpress.com
Where are we really exposed?
Physical Security
- Reliability of equipment and network connection
- Direct access
- Accidental loss (e.g. memory sticks, laptops)
- Robbery (physical)
Human Factor
- passwords
- lack of awareness of what information is sensitive
- accidental leakage of information (unintended e-mails)
- disloyalty (dishonest or dissatisfied personnel)
Malware
- viruses, worms, Trojan horses and spyware
Hacker Attacks
- Denial-of-service (DoS) attacks
- Access to sensitive data
- Altering the website
- Access to customer or partner information
- Corruption of business data
Where are we really exposed? Methods of hacker attacks:
- Exploits: using system bugs or glitches, e.g.:
  - Buffer overflows
  - Input validation errors (SQL and code injections, directory traversal)
  - Cross-site scripting
  - HTTP header injections
- Eavesdropping, wi-fi eavesdropping
- Indirect attacks
- Backdoors
- Denial-of-service (DoS) attacks
- Social attack (social engineering)
- Direct access attacks (physical)
Where are we really exposed? Impact of hacker attacks:
- Direct financial loss (fraud or litigation)
- Subsequent loss (result of unwelcome publicity)
- Loss of market share (if customer confidence is affected)
- Legal liability and criminal charges
Where are we really exposed? CIA Security Goals:
- Confidentiality (secrecy, privacy)
  - Access control and user authorisation
- Integrity
  - Data integrity (authorisation and control for data modification)
  - Origin integrity: proving your identity; non-repudiation (you cannot deny you sent it...)
- Availability
  - Accessibility of assets at appropriate time
Where are we really exposed? Methodology:
- Review existing controls
- Identify areas where more work is needed
- Monitor technological progress
- Anticipate potential new threats
- Read the headlines!
Customer reassurance
- Provide information about the company (address, telephone, "about us", "contact us")
- Provide order, delivery & returns guarantee
- Present symbols of trust: quality labels, guarantees, secured payment
- Show off with recommendations and awards
- Privacy Protection
Customer reassurance
- Legal Acts: Data Protection Act, Computer Misuse Act
- Standards: ISO/IEC 27001
REMEDIES: Some technical solutions (and not only technical)
- Malware: proper maintenance (antivirus software, good practice)
- Human Factor:
  1. make them aware
  2. make them aware
  3. make them aware
- Physical Failures: proper maintenance, procedures
- Hacker Attacks: …
Some technical solutions (and not only technical)
The Web Security Problem
- Securing the server and the data that are on it
  - restricted access
  - minimised number of services available
  - proper maintenance: frequent upgrades
  - using a firewall
- Securing the information in transit
  - encryption: SSL (Secure Socket Layer)
Firewall
A Firewall is:
- A Controlled Point of Access for All Traffic that Enters the Internal Network
- A Controlled Point of Access for All Traffic that Leaves the Internal Network
[Diagram: Firewall between the Internet and the Internal Network]
Where to place a firewall?
[Diagram: INTERNET, FIREWALL, Web Server, FIREWALL]
[Diagram: Internet, External Firewall, Perimeter Network, Internal Firewall]
SSL Cryptography
[Diagram: encryption turns the plaintext "cryptography" into the ciphertext "fubswrjudskb"; decryption reverses it]
Symmetrical Cryptography
INTELLIGENCE PROBLEM (WWII):
Alice wants to send an encrypted message to Bob.
They need to share the same key.
Alice created a key, but how to let Bob know it?
SSL Cryptography
KEY MAY BE INTERCEPTED!!!
SSL Cryptography
Asymmetrical Cryptography
[Same encryption/decryption diagram, with labels: public key, private key]
SSL Cryptography
Asymmetrical Cryptography makes it possible to use separate keys for encryption and decryption.
To exchange messages:
- use public key to encrypt
- use private key to decrypt
SSL Cryptography
1. Bob creates a pair of different keys
2. Bob sends one of the keys to Alice
3. Everyone can get Bob’s public key and use it to encrypt a message
4. But only Bob has the decryption key!
[Diagram labels: ENCRYPTION KEY, DECRYPTION KEY]
SSL Cryptography
Electronic Signature
[Same encryption/decryption diagram, with labels: public key, private key]
SSL Cryptography
Asymmetrical Cryptography makes it possible to use separate keys for encryption and decryption.
To exchange messages:
- use public key to encrypt
- use private key to decrypt
To use electronic signature:
- use private key to encrypt
- use public key to decrypt
SSL Server Certification
[Diagram: WEB SERVER, CERTIFICATION AUTHORITY (CA), WE]
A. Server sends a visit card
B. CA signs with its private key
1. Signed visit card is sent to us
2. We know CA public key
3. We cannot decrypt the visit card unless it is signed by CA
SSL: How It Works
1. Signed VISIT CARD is sent to us
2. We verify the VISIT CARD
3. We extract server PUBLIC KEY from the VISIT CARD
4. We generate a SESSION KEY
5. We encrypt the SESSION KEY with the server's PUBLIC KEY
6. We send encrypted SESSION KEY to server
7. Server decrypts the SESSION KEY with its PRIVATE KEY
8. Now a two-way encrypted communication is possible
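The certificate check and session-key exchange in steps 1 to 8, together with the private-key signing described under Electronic Signature, as an added example that is not part of the original slides. It assumes textbook RSA with constructed toy primes and no padding, a constructed host name `shop.example`, and the slides' letter-shift cipher as the symmetric step; nothing at this size is secure.

```python
import hashlib

# Textbook RSA with toy primes (constructed values; insecure: tiny keys, no padding).
def make_keypair(p, q, e):
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)        # (public key, private key)

def digest(data, n):
    # Hash reduced into the toy modulus so that it can be signed.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, private):                        # "encrypt" the hash with the private key
    d, n = private
    return pow(digest(data, n), d, n)

def verify(data, signature, public):            # "decrypt" with the public key, compare
    e, n = public
    return pow(signature, e, n) == digest(data, n)

def caesar(text, shift):                        # the slides' symmetric cipher (a-z only)
    return "".join(chr((ord(c) - 97 + shift) % 26 + 97) for c in text)

def handshake(session_key, tamper=False):
    ca_pub, ca_priv = make_keypair(89, 97, 5)   # certification authority
    srv_pub, srv_priv = make_keypair(61, 53, 17)  # web server
    # A/B: the server's visit card (certificate) is signed by the CA.
    card = f"shop.example;e={srv_pub[0]};n={srv_pub[1]}".encode()
    card_sig = sign(card, ca_priv)
    if tamper:                                  # card altered after the CA signed it
        card = card.replace(b"n=3233", b"n=3239")
    # 1-2: we receive the card and verify it with the CA public key.
    if not verify(card, card_sig, ca_pub):
        return None                             # stop: the key in the card is not vouched for
    # 3: extract the server public key from the verified card.
    fields = dict(f.split("=") for f in card.decode().split(";")[1:])
    e, n = int(fields["e"]), int(fields["n"])
    # 4-6: encrypt the session key with the server public key and send it.
    wrapped = pow(session_key, e, n)
    # 7: the server recovers the session key with its private key.
    d, n_srv = srv_priv
    server_key = pow(wrapped, d, n_srv)
    # 8: both sides now hold the same key for symmetric encryption.
    ciphertext = caesar("cryptography", session_key)
    return server_key, ciphertext, caesar(ciphertext, -server_key)
```

With session key 3 the symmetric step reproduces the slides' ciphertext `fubswrjudskb`; with `tamper=True` the exchange stops at step 2 because the CA signature no longer matches the card.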
Electronic Payment Revisited
[Diagram: card payment flow in steps numbered 1 to 10 between CUSTOMER, SHOP, CUSTOMER'S BANK, SHOP'S BANK and the CARD PAYMENT SYSTEM; the card shown carries the number 1234 0000 0001 9876]
and now… Can you feel safe in the e-world?
Can you feel safe in the e-world?
- Web security is not "all or nothing": it is a matter of degree
- The more security, the more your risk is reduced
- Reduce risk as much as practical (affordable)
- Take additional measures for quick recovery in case of a security incident
- Computer Security is not just a product you can purchase, it must be an integrated part of the organisation and its operation
Appendix: Algorithm of Diffie & Hellman
Bob and Alice want to agree a secret key
however
They have only a public channel to communicate
PROBLEM: How to keep the agreed number secret if all the communication between them may be intercepted?
1. Choose n and g:
   n = 11 (such that (n-1)/2 is a prime number)
   g = 9, so that n > g > 1
2. Alice chooses x = 6 and calculates: $X = 9^{6} \bmod 11 = 9$
2. Bob chooses y = 8 and calculates: $Y = 9^{8} \bmod 11 = 3$
3. Alice calculates: $k = 3^{6} \bmod 11 = 3$
3. Bob calculates: $k = 9^{8} \bmod 11 = 3$
Both arrive at the same key: $k = 9^{6 \cdot 8} \bmod 11 = 3$
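The exchange above carried through in code with the slide's own numbers, as an added example that is not part of the original slides. The function names are hypothetical; the last function goes beyond the slide to show why real parameters must be very large: with n = 11 the public transcript alone is enough to recompute k by trying every exponent.

```python
def is_prime(m):
    return m > 1 and all(m % d for d in range(2, int(m ** 0.5) + 1))

def check_params(n, g):
    # The slide's conditions: n prime, (n-1)/2 prime, and n > g > 1.
    return is_prime(n) and is_prime((n - 1) // 2) and n > g > 1

def exchange(n, g, x, y):
    X = pow(g, x, n)          # Alice -> Bob, sent over the public channel
    Y = pow(g, y, n)          # Bob -> Alice, sent over the public channel
    k_alice = pow(Y, x, n)    # Alice combines Bob's value with her secret x
    k_bob = pow(X, y, n)      # Bob combines Alice's value with his secret y
    return X, Y, k_alice, k_bob

def recover_from_transcript(n, g, X, Y):
    # Uses only values visible on the public channel (n, g, X, Y).
    # Any exponent that maps g to X yields the same key, so a search
    # over at most n-1 candidates suffices; feasible only because n is tiny.
    for guess in range(1, n):
        if pow(g, guess, n) == X:
            return pow(Y, guess, n)
    return None

def subgroup(n, g):
    # The distinct values g can ever produce; a small set means few possible keys.
    return sorted({pow(g, i, n) for i in range(1, n)})

if __name__ == "__main__":
    n, g, x, y = 11, 9, 6, 8  # the slide's numbers
    print(check_params(n, g), exchange(n, g, x, y))
    print(recover_from_transcript(n, g, 9, 3), subgroup(n, g))
```

Here g = 9 only ever produces five values modulo 11, and Alice's public value X equals g itself, so the search succeeds on its first guess.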